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How  Intel’s  bid  for  McAfee 
could  shake  up  IT  security 


Back-to-school  IT  projects 
reshaping  campus  life 

BY  JOHN  COX 


BY  NETWORK  WORLD  STAFF 


IF  INTEL’S  bombshell  bid  last  week  to  buy  McAfee  for  $7.68 
billion  pans  out,  the  companies  pledge  to  bring  an  unprece¬ 
dented  level  of  embedded  security  to  networked  devices  rang¬ 
ing  from  smartphones  to  servers,  potentially  changing  the  way 
in  which  security  is  delivered  to  enterprise  IT  shops. 

Intel  and  McAfee  have  been  working  closely  on  a  host  of 
projects  for  18  months  and  expect  to  show  the  first  fruits  of  their  labor  early 
next  year.  Among  other  things,  McAfee  technology  could  complement  Intel’s 
existing  hardware-based  security  and  management  technology,  dubbed  vPro. 

While  company  officials  wouldn’t  spill  details  on  what  products  might 
result,  they  did  say  that  their  combined  hardware  and  software  could  be  used 
to  protect  Internet-connected  devices  —  from  handhelds  to  ATMs  to  cars  — 
from  growing  cyberthreats  in  a  consistent  manner. 

►  See  Intel, page  IS 
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THE  TOP  back-to-school  IT  projects  at  colleges  and  universities  show  a  tidal 
wave  of  change  in  higher  education.  Many  of  the  changes  could  presage  broader 
shifts  in  enterprise  and  consumer  technology. 

Not  surprisingly,  wireless  is  fast  becoming  the  default  network  connection 
for  campus  users,  who  typically  own  two  to  four  wireless-enabled  mobile 
devices.  Virtualization  and  growth  in  cloud-based  services  are  centralizing 
and  offloading  IT  functions.  These  changes,  coupled  with  soaring  video  traffic, 
are  triggering  bandwidth  upgrades  at  all  levels.  As  students  begin  to  populate 
campuses,  we’re  tracking  five  major  areas  of  technology  change. 

►  See  School,  page  16 


CLOUD  STORAGE 
GOES  FIRST  CLASS 

In  real-world  test,  five  cloud 
storage  vendors  deliver  cost 
savings,  fast  access 
to  data.  Page  25  ► 


Redefining  X. 

When  an  organization  needs  more  computing  power  for  today’s  memory-intensive 
workloads,  the  conventional  wisdom  is  to  buy  more  servers.  This  can  lead  to  massive 
inefficiency  and  server  sprawl,  with  the  majority  of  servers  today  running  at  only  10% 
utilization!  As  the  computational  demands  of  a  smarter  planet  continue  to  explode, 
this  sort  of  inefficiency  has  become  a  problem— a  problem  IBM  engineers  have  now 
solved.  The  5th  generation  of  Enterprise  X-Architecture®  from  IBM  featuring  the  Intel® 
Xeon®  Processor  7500  Series  lets  you  add  memory  independently  of  the  processor. 
As  a  result,  IBM  eX5  systems  can  leverage  6x  more  memory  than  current  x86  servers, 
reduce  storage  costs  by  up  to  97%  and  cut  licensing  fees  by  50%? 

A  smarter  business  needs  smarter  software,  systems  and  services. 

Let’s  build  a  smarter  planet,  ibm.com/systems/ex5 


1 .  McKinsey  study:  http://www.datacenterknowledge.eom/archives/2009/04/1 5/mckinsey-data-centers-cheaper-than-cloud/.  2.  Comparison  of  IBM  System  x3850  X5  +  MAX5  with  total  96  DIMMs  x  1 6  GB  for  total  1 .5  TB  of  memory 
vs.  IBM  System  x3850  M2  with  32  DIMMs  x  8  GB  =  256  GB.  Comparison  of  processor-based  licensing  fees  on  current  Generation  4  processor  systems  with  64  DIMMs  vs.  the  IBM  System  x3690  +  MAX5.  IBM  eXFIash  technology  would 
eliminate  the  need  for  a  client  to  purchase  two  entry-level  servers  and  80  JBODs  to  support  a  240,000  lOPs  database  environment,  saving  up  to  97%  in  server  and  storage  acquisition  costs.  IBM,  the  IBM  logo,  ibm.com,  X-Architecture, 
Smarter  Planet  and  the  planet  icon  are  trademarks  of  International  Business  Machines  Corp.,  registered  in  many  jurisdictions  worldwide.  A  current  list  of  IBM  trademarks  is  available  on  the  Web  at  www.ibm.com/legal/copytrade.shtml. 
Intel,  the  Intel  logo,  Xeon  and  Xeon  Inside  are  trademarks  or  registered  trademarks  of  Intel  Corporation  in  the  United  States  and  other  countries.  ©  International  Business  Machines  Corporation  2010. 


YOUR 


>  A 


REMOTE 


SILVER  BULLET. 


Pus, 


You’ve  heard  the  call  for  help  and  are  ready  to  ride  -  all 
you  need  is  the  best  tool  to  let  your  skills  shine.  With  the 
simple  yet  powerful  technology  of  GoToAssist®  Express™, 
you’ll  connect  with  customers  like  never  before. 


Speed  -  Instantly  support  up  to  8  clients  at  once. 

Unlimited  Use  -  Wrangle  all  the  issues  you  want  for  one  flat  fee. 
Performance  -  1 00%  reliability  you  can  hang  your  hat  on. 
Unattended  Support  -  Work  while  customers  are  away. 
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Ready  or  not, 
cloud  is  coming 

Regardless  of  whether  you  are  a  cheerleader 
or  a  naysayer,  the  fact  is  the  pieces  for  cloud 
computing  are  coalescing  rapidly.  This  stuff  isn’t 
vaporware.  Our  tests  of  cloud 
services  —  the  third  of  which 
appears  on  page  25  —  show  a 
growing  list  of  capabilities. 

We  started  the  exploration  of  cloud  services  by  testing 
servers,  establishing  20  CPUs  in  each  of  three  cloud  pro¬ 
viders  to  learn  about  everything  from  provisioning  to  per¬ 
formance,  security  and  pricing  (see  tinyurl.com/yfe2cfs). 

Next  up  was  the  first  ever  test  (tinyurl.com/279uc55)  of 
public  cloud  management  wares,  tools  that  let  us  build, 
deploy,  monitor  usage  and  shut  down  jobs. 

In  this  issue  we  test  cloud  storage  services  (tinyurl.com/24c56x9),  offerings  that 
can  be  used  to  support  everything  from  the  computing  you’re  doing  in  the  cloud  to 
data  warehousing,  says  lead  tester  Tom  Henderson. 

While  spending  on  public  IT  cloud  services  (excluding  private  cloud  spending) 
is  only  about  a  20th  of  what  is  spent  on  traditional  IT  products,  cloud  spending  is 
growing  six  times  as  fast,  says  Frank  Gens,  chief  analyst  at  IDC. 

With  a  growth  rate  of  27%  per  year,  by  2014  spending  on  public  cloud  services 
will  reach  $55  billion  and  represent  12%  of  traditional  product  spending. 

2014  is  the  knee  of  the  curve,  Gens  says,  beyond  which  things  will  really  take  off. 
Of  course,  many  issues  need  to  be  resolved  between  now  and  then.  Fujitsu  CTO 
Joseph  Reger  got  it  right  in  a  presentation  at  the  Symantec  Vision  2010  conference 
when  he  said,  according  to  Techpulse360.com,  “The  IT  industry  and  the  cloud 
thing  are  in  the  dating  stage . . .  Dating  is  when  you  see  only  the  bright  side,  the 
opportunities  and  you  don’t  sit  down  and  worry  about  what  could  be  the  issues.” 

Issues  include,  but  are  not  limited  to,  concerns  about  security  (although  our 
tests  reveal  this  may  be  less  of  a  concern  than  you  may  think),  cloud  availability 
and  costs  (our  tests  showing  the  latter  can  be  tricky). 

Then  there  is  the  big  question  about  industry  maturation.  There  will  be  the  typi¬ 
cal  boom  and  bust/consolidation  cycle,  and  while  cloud  computing  is  supposed  to 
make  it  easier  to  swap  suppliers,  we  know  it  will  be  rough  in  the  early  goings. 

To  move  forward,  Reger  advocates  focusing  on  a  private-public  approach  that 
complements  existing  IT  instead  of  subverting  it,  and  we  couldn’t  agree  more.  The 
trick  will  be  measured  advances  that  limit  your  exposure  while  giving  you  the 
opportunity  to  address  specific  needs  and  gain  experience. 

Oddly  enough,  some  pioneers  say  one  of  the  biggest  challenges  can  be  political: 
convincing  internal  line  of  business  owners  they  no  longer  need  those  dedicated 
compute  silos.  Turns  out  that  can  be  a  hard  sell. 

jdix@nww.com 
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Real  threat  or  real  overreaction? 

©  I'M  YOUR  "CYBERTHREAT  denier”. I 
am  the  reader  who  wrote  ‘A  cyber  ‘Pearl 
Harbor?’  Sounds  like  the  security 
industry  is  using  hyperbole  to  try  to  get 
some  government  ‘attention’  (read:  public 
funds)’.  (Re:  Who  are  these  people  who 
think  cybersecurity  experts  are  crying 
wolf?;  tinyurl.com/25pe2bb.)  Who  am  I? 
I’m  an  IT  security  veteran  in  my  20th  year 
at  a  very  large  U.S.  company  (Fortune  20) 
and  in  my  career  I  have  seen  a  lot. 

Yes,  breaches  happen  every  day;  but  by 
your  own  admission,  none  of  them  have 
‘blown  up  the  Internet  entirely’  —  which 
is  exactly  the  mental  image  created  by 
phrases  such  as  “Cyber  Pearl  Harbor”,  or 
I  see  the  word  you  chose  is  “catastrophic”. 
These  terms  are  hyperbolic.  They  elicit 
an  emotional  response  that  is  dispro- 
portional  to  the  actual  threat.  Yes  lots 
of  bad  things  can  and  do  happen,  but 
saying  things  like  “Cyber  Pearl  Harbor” 
is  intended  to  create  FUD  and  frankly 
is  beneath  the  station  of  someone  with 
Clarke’s  credentials.  It’s  alarmist  and  I’m 
not  trying  to  “downplay  the  threat”  I’m 
just  calling  hyperbole  what  it  is.  And 
while  I  do  think  that  often  such  exag¬ 
geration  arises  from  a  genuine  concern 
over  the  problem,  it  is  still  exaggeration 
and  needs  to  be  seen  for  what  it  is.  I  agree 
by  and  large  with  what  these  men  are 
trying  to  accomplish,  but  I  can’t  stand  by 
and  let  that  kind  of  alarmist  rhetoric  go 
unchallenged. 

Anon 

©  I '  M  0  N  E  0  F  those  people.  I  want  to 
know  what  a  “Digital  Pearl  Harbor”  looks 
like.  Is  it  the  destruction  of  ships  at  sea, 
along  with  a  couple  thousand  soldiers 
and  sailors?  How  does  that  work?  Do 
they  send  bombs  through  the  Internet? 

Oh  no,  wait.  They  send  instructions  to  set 
off  bombs  through  the  Internet.  But  how 
do  the  bombs  get  there  in  the  first  place? 
As  far  as  I  can  tell,  mostly  they  mean 
something  like,  “let’s  put  our  electrical 
grid  control  system,  or  our  nuclear  reac¬ 
tor  control  system,  or  something  else  like 
that,  a  big  infrastructure  control  system, 
on  the  Internet,  and  see  what  happens.” 

Anyone  stupid  enough  to  hook  up  the 
electrical  grid  to  the  Internet  deserves 
anything  that  happens. 

But  more  often  than  not,  it's  the  things 
that  happen  every  day  that  [mess]  things 


up.  Like  massive  telephone  outages 
because  someone  “upgraded”  the  system 
software,  and  there  was  a  “glitch”.  Or 
someone  flipped  the  wrong  switch  at  a 
power  station,  sucking  all  of  the  power 
out  of  the  regional  grid. 

And  here’s  Richard  Clarke,  making  like 
Kevin  McCarthy  in  “Invasion  of  the  Body 
Snatchers”,  there  in  the  middle  of  the 
highway,  yelling  “They’re  here,  people! 
They’re  here!” 

Anon 

Acquisitions  are  necessity 
in  U.S.  financial  market 

O  ANOTHER  CHALLENGE  FOR  Intel  and 
others  like  them  is  that  the  U.S.  financial 
markets  want  massive  gains  year  over 
year.  (Re:  Intel  buys  McAfee:  My  two 
cents;  tinyurl.com/2e2zygh.) 

How  can  a  multi-billion  dollar  com¬ 
pany  achieve  that  growth  without  buying 
other  companies  or  entering  brand  new 
markets?  Also  it  would  be  interesting  to 
see  who  else  was  in  the  mix  here:  Was 
Intel  looking  at  other  companies?  Was 
McAfee?  While  I  get  some  of  this  I  think 
Intel  saw  an  opportunity  to  grow  the  $$$ 
pool  without  having  the  government  eye 
on  them  for  non-competitive  behavior. 

Anon 

Microsoft  smartphone  needs 
perfection  to  stand  out 

©  DON’T  DISCOUNT  PRETTY.  IfWin- 
dows  Phone  7  software  is  amazing 
and  the  phone  looks  or  feels  lame  it 
will  not  succeed.  (Re:  Microsoft  fields 
over  8,000  Windows  Phone  7  phones. 
[Insert  adjective  of  choice  here];  tinyurl. 
com/243bssq.) 

Yeah  sure  it  is  subjective,  but  you  know 
what  I  mean.  Absolutely  everything  has 
to  fall  in  place  for  Microsoft  to  have  a 
win.  I  agree  that  the  software  is  way  more 
important  than  the  hardware  (or  should 
be)  but  hardware  is  important  as  well. 

The  first  thing  the  consumer  does,  after 
all,  is  hold  the  device  before  turning  it  on. 
Microsoft  is  facing  tough  competition  and 
a  waning  image  in  the  consumer  space. 

It’s  going  to  take  something  seriously  spe¬ 
cial  to  steal  much  spotlight  from  Android 
and  iPhone.  And  as  much  as  MS  and  RIM 
may  not  want  to  admit  it,  the  consumer 
space  is  driving  the  future  of  business 
mobility. 

Anon 
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were  out..  .  If  you  miss  a  call,  you  miss  an 

opportunity.  With  Sprint  Mobile  Integration  and  Global  MPLS, 
you’ll  have  one  number,  one  voicemail  and  one  easy  way 
to  control  mobile  usage.  Simplify  the  way  your  company 
stays  in  touch.  Make  it  easier  for  clients  to  reach  you. 

And  reduce  company  telecom  expenses.  Less  dialing, 
happier  clients.  Start  closing.  1-866-653-1056 
sprint.com/convergence 
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IT  professionals  name  Sprint  best  provider  of  MPLS— delivering 
best  value,  customer  service,  technology  and  network  reliability. 


Coverage  not  available  everywhere.  The  3G  Sprint  Mobile  Broadband  Network  (including  data  roaming)  reaches  over  269  million  people.  The  Nationwide  Sprint  and  Nextel  National  Networks  reach  over  275  and  274  million  people, 
respectively.  Other  restrictions  apply.  See  store  or  sprint.com  for  details.  ©2010  Sprint.  Sprint  and  the  logo  are  trademarks  of  Sprint.  Other  marks  are  the  property  of  their  respective  owners. 
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Dell  shopping'  spree 
continues 

DELL  ANNOUNCED  PLANS  to  acquire  virtualized  storage 
provider  3PAR  for  about  $1.15  billion,  a  move  that  will  boost 
its  capabilities  for  building  public  and  private  cloud  comput¬ 
ing  environments  and  pit  the  company  against  top  storage 
providers  including  IBM,  HP,  Hitachi  and  even  Dell-partner 
EMC.  The  3PAR  deal  is  the  latest  move  by  Dell  to  flesh  out  a 
stack  of  enterprise  data  center  technologies,  coming  shortly 
after  announcements  it  would  buy  server  provisioning  vendor 
Scalent  and  storage  optimization  provider  Ocarina  Networks. 
tinyurl.com/376m75k 
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Big  Blue's  biggest  No  Hyper-V 

Unix  server  at  VMworld 


which  tracks  the  installed  base 
of  equipment  that  can  access 
the  Internet.  This  second  tidal 
wave  of  growth  will  be  driven 
by  cell  phones,  new  classes 
of  consumer  electronics,  and 
machine-to-machine  commu¬ 
nications  in  various  kinds  of 
smart  grids  for  energy  manage¬ 
ment,  surveillance  and  public 
safety,  and  sensor  networks. 
tinyurl.com/3yw2zyd 

Brocade  readies 
100G  Ethernet 

BROCADE  COMMUNICA¬ 
TIONS  is  preparing  a  100-Giga- 
bit  Ethernet  module  for  its 


22  billion  or  bust 


Smooth-Stone 
aims  to  slay 
chip  Goliath 


A  START-UP  that  gets 
its  name  from  David’s 
weapon  vs.  Goliath  is 
taking  aim  at  electricity 
bills,  the  biggest  cost  in 
data  centers.  Smooth-Stone, 
which  just  secured  $48  million 
in  new  funding,  plans  to  use 
mobile  phone  microprocessors 
inside  servers  to  lower  data 
center  electric  bills.  The  chips 
will  be  an  alternative  to  server 
chips  such  as  those  based  on 
x86  technology  from  Intel  and 
AMD  —  but  slaying  those  giants 
won’t  be  easy.  Smooth-Stone 
faces  daunting  technological 
challenges  in  its  quest  to  build 
good  server  chips  using  mobile 
phone  processing  cores,  tinyurl. 
com/398w7kn 


IBM  IS  strength¬ 
ening  its  hand  in 
the  Unix  business 
with  new  systems 
based  on  its 
Power7  proces¬ 
sors,  including  a 
server  for  large 
enterprises  that 
scales  to  256  cores. 

The  Power 795 
is  IBM’s  biggest  Unix  server  to 
date.  It’s  aimed  at  companies 
that  run  large-scale  data¬ 
base  applications  or  want  to 
consolidate  multiple  Unix  or 
Linux  workloads  onto  a  single 
system  using  IBM’s  PowerVM 
virtualization  software.  Few 
organizations  need  a  box  as  big 
as  the  795  to  run  a  single,  large 
application,  and  IBM  expects 
most  customers  to  use  it  for 
consolidation  projects,  which 
can  help  reduce  energy  use  and 
conserve  data  center  floor  space. 
tinyurl.com/3x4grpr 


FOR  THE  second  straight  year 
Microsoft  won’t  bother  show¬ 
casing  its  primary  virtualiza¬ 
tion  technology  at  VMworld, 
because  it  believes  the  confer¬ 
ence’s  sponsor  and  exhibitor 
agreement  prevents  vendors 
from  demonstrating  products 
that  compete  against  VMware. 
Microsoft  appears  to  be  the 
only  major  vendor  taking  this 
stance,  as  even  its  partner 
Citrix  has  decided  to  step  up 
its  presence  at  VMworld  and 
will  showcase  XenDesktop, 
which  competes  directly 
against  VMware’s  desktop 
virtualization  software.  “We’ve 
got  the  biggest  little  booth  at 
VMworld,”  said  Microsoft 
spokesman  Patrick  O’Rourke, 
noting  that  Microsoft  will 
be  limited  to  a  10-by-10-foot 
booth  on  the  show  floor 
because  it’s  not  a  member  of 
VMware’s  partner  program. 
tinyurl.com/332z4rd 


SOMETIME  THIS  month,  the 
5  billionth  device  will  plug  into 
the  Internet.  And  in  10  years, 
that  number  will  grow  by  more 
than  a  factor  of  four  to  22  billion, 
according  to  IMS  Research, 


Netlron  MLX  switch  family, 
breaking  the  next  LAN  speed 
barrier  in  the  flagship  hardware 
line  it  acquired  from  Foundry 
Networks.  The  Netlron  MLX 
32,  the  top-end  32-port  member 
of  the  MLX  line,  will  be  able  to 
accommodate  32 100-Gigabit 
ports,  Brocade  says.  The  IEEE 
802.3ba  standard,  approved 
in  June,  defines  specifications 
for  both  40G  bps  and  lOOGbps 
connectivity.  Networking 
vendors  have  been  racing  to 
introduce  100-Gigabit  Ethernet, 
which  some  organizations  with 
fast-growing  performance 
requirements  say  they  already 
need,  tinyurl.com/2f8slcg 

Employee-owned 
iPhones  under 
IT's  thumb 

FROM  THE  “ifyou  can’t  beat 


IT  Video 

The  ABCs  of  IT 

U  is  for  Unified  Communi¬ 
cations.  Puppet  IT  instruc¬ 
tors  Neal  and  Jackson 
are  back,  discussing  the 
ins  and  outs  of  unified 
communications. 
tinyurl.com/3x3rgj2 
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TOUGH  QUESTION  *51 

HOW  DOES  ONE  OF  THE  WORLD’S 
LARGEST  ENTERTAINMENT  COMPANIES 
CONTROL  WEB  2.0  APPLICATION  USAGE? 
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SONICWALL 

SECURES 

THE  ENTERPRISE. 


Forward-thinking  organizations  productively  use  innovations  like  Web  2.0 
applications  while  mitigating  their  associated  security  risks.  SonicWALL’s 
network  security  solution  integrates  next  generation  firewall  defenses  and 
intrusion  prevention.  Further,  the  SonicWALL  solution  scans  all  traffic  for 
malware  while  providing  Application  Intelligence  and  Control  to  manage 
and  visualize  any  type  of  application.  This  solution  identifies  and  controls 
by  applications— not  just  by  port  and  protocol  — delivering  bandwidth 
management,  access  controls,  and  protection  against  data  leakage  while 
massively  scaling  to  meet  the  needs  of  the  most  high-performance  networks. 

Learn  more  at  sonicwall.com/control 
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TRUE  FACT 


bits 


'em,  join  ‘em”  depart¬ 
ment:  Zenprise  is 
offering  a  way  to  manage 
and  secure  an  employee- 
owned  mobile  device 
that’s  accessing  your 
corporate  network.  A 
trio  of  new  features 
for  its  MobileManager 
software  lets  network 
administrators  tailor 
employee  access  to 
corporate  networks, 
wipe  company  data  from 
devices  without  touch¬ 
ing  personal  informa¬ 
tion,  and  remotely  access 
an  employee-owned 
handset  to  trouble- 


THE  SAME  Iridium  satellites  used  by  businesses  to 
transmit  data  around  the  world  have  been  tuned  to 
provide  comprehensive  electromagnetic  data  about 
solar  storms  that  will  result  in  an  early  warning  sys¬ 
tem  to  protect  power  grids. 

By  turning  up  the  rate  at  which  66  satellites  sample 
the  magnetic  field  they  are  experiencing,  Iridium  can 
provide  scientists  with  a  wealth  of  new  information 
about  solar  outbursts,  such  as  the  Aug.  1  coronal 
mass  ejection  that  created  spectacular  borealis  light- 
shows  three  days  later  on  Earth. 


the  amount  of 
data  generated 
by  video  calling 
which  will  be 
ervasive 


SOURCE:  WWW.HUMAN- 
PROOUCTIVITYLAB.COM 


Broadband  users  not 
getting  money’s  worth 

THE  ACTUAL  download  speeds  that 
consumers  get  are  about  half  of  those 
promised  by  service  providers,  according 
to  a  report  released  last  week  by  the  FCC. 

In  2009,  U.S.  residential  consumers 
subscribed  to  broadband  services  with  an  aver¬ 
age  and  median  advertised  download  speed  of 
7M  to  8Mbps,  respectively,  the  FCC  said.  But  the 
actual  average  speed  they  received  was  4Mbps  and 
the  actual  median  speed  was  3Mbps.  The  FCC  criti¬ 
cized  the  use  of  maximum  rather  than  actual  speeds 
and  said  it  will  support  efforts  to  develop  a  better  way 
to  represent  bandwidth.  The  maximum  advertised 
speed  ignores  network  congestion,  underperforming 
computers  and  routers,  and  Web  sites  and  applica¬ 
tions  that  aren’t  optimized,  the  FCC  said 

Tough  Facebook  lesson 

A  COHASSET,  Mass.,  teacher  was  forced  to  resign  last 
week  after  a  couple  of  her  Facebook  posts  critical 
of  the  community  and  students  were  discovered 
by  parents.  The  teacher,  who  oversaw  math  and 
science  programs  at  her  school,  referred  to 
kids  as  “germ  bags"  in  one  post  and  in  another 
dreaded  returning  to  teach  at  the  school  in  a 
community  that  was  "arrogant  and  snobby.”  The 
teacher  acknowledged  the  posts  and  said  she  messed 
up  on  her  privacy  settings,  according  to  local  TV 
reports. 
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shoot  problems.  IT  can 
distinguish  between 
corporate-owned  and  so- 
called  “employee-liable”  mobile 
devices  .tinyurl.com/23n3w25 

Cameron  Diaz 
could  wreck 
your  PC 

CAMERON  DIAZ’S  next  film 
could  easily  be  titled  “There’s 
Something  About  Malware.” 

The  actress  topped  McAfee’s 
annual  rankings  of  the  most 
dangerous  celebrity  searches  on 
the  Web,  since  searching  for  Diaz 
results  in  a  10%  chance  of  land¬ 
ing  on  a  risky  site.  Julia  Roberts 
came  in  second  place  followed 
by  Jessica  Biel,  who  was  last 
year’s  most  dangerous  celebrity 
search.  Brad  Pitt  was  the  most 
dangerous  male  celebrity  on 
the  list,  ranking  fifth  overall, 
while  Tom  Cruise  was  the  only 
other  male  celebrity  to  crack  the 
top  10,  checking  in  at  number 
eight  tinyurl.com/37o5s5u 


Visa  fee 
hike  called 
discriminatory 
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THE  U.S  .  is  reviewing  whether 
a  law  that  increases  some  visa 
fees  is  compliant  with  World 
Trade  Organization  rules, 
the  U.S.  Department  of  State 
announced  last  week.  Presi¬ 
dent  Obama  signed  into  law 
on  Aug.  13  a  $600  million  bill 
for  increased  surveillance  for 
illegal  immigrants  on  the  U.S.- 
Mexican  border.  The  cost  of  the 
new  measures  are  to  be  paid 
from  an  increase  in  H-1B  and  L 
visa  fees  paid  by  tech  workers 
brought  into  the  country  by 
companies  with  more  than  50 
staff,  and  in  which  more  than 
50%  of  the  staff  are  on  these 
visas.  The  new  border  security 
law  has  been  criticized  as  dis¬ 
criminatory  by  India’s  National 
ssociation  of  Software  and 
Service  Companies,  as  it  singles 
out  companies  that  have  more 
than  50%  of  their  staff  in  the 
U.S.  on  these  visas,  tinyurl. 
com/25zzs6p 
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Riverbed  says  Cisco 


can  have  Layer  2-3 


Ierry  Kennelly,  co-founder,  chairman 

and  CEO  of  Riverbed  Technology,  is  a  fervent 
believer  that  WAN  optimization  is  the  founda¬ 
tion  for  the  next  generation  of  IT  infrastructure 
and  that  Riverbed  is  poised  for  a  dominant  role 
not  only  in  corporate  data  centers  but  in  the 
cloud  as  well.  In  this  installment  of  the  IDG 
Enterprise  CEO  Interview  Series,  Kennelly  spoke  with 
IDGE  Chief  Content  Officer  John  Gallant  and  Network 
World  Senior  Editor  Tim  Greene  about  battling  with 
Cisco,  the  expansion  of  Riverbed’s  product  line  and  big  opportunities  in  the 
cloud.  Go  online  to  read  the  entire  interview  at  tinyurl.com/2w49ywa. 


Riverbed  CEO 
Jerry  Kennelly 


Cisco  started  out  in  the 
multiprotocol  router  business  and 
expanded  into  many  other  areas, 
including  switching,  storage, 
security  and  more.  Should  we  expect 
to  see  Riverbed  expand  as  well? 

Cisco  is  the  Layer  2  and  3  of  network¬ 
ing,  but  the  action  now  is  less  at  Layer  2 
and  3  and  much  more  Layers  4  through  7. 
Cisco’s  the  king  of  2  and  3  and  we’re  the 
king  of  4  through  7.  There  is  a  big  product 
future,  revenue  future,  for  us.  I  talk  to 
CIOs  all  the  time  now,  and  the  importance 
of  having  knowledge  workers  connect 
to  their  applications  effectively,  cheaply, 
globally,  seamlessly,  24-7,  is  critical  for 
them.  That’s  what  we  do. 

Where  could  the  company  go  in 
that  Layer  4  through  7  realm? 

Our  big  concentration  now  is  the  edge  of 
computing,  the  branch  offices  where  a  lot 
of  the  workers  are.  But  there’s  an  interest¬ 
ing  thing  happening  with  data  center 
consolidation  and  cloud  computing.  The 
old  paradigm  was  the  corporate  head¬ 
quarters  was  where  the  corporate  data 
center  was,  and  all  the  branch  offices  were 
the  edge.  What’s  happening  now  is  the 
corporate  data  center  is  being  moved  to 
a  cloud  somewhere  else.  It’s  in  Wyoming 
or  Arizona.  What  that  means  is  that  the 
corporate  headquarters  is  now  part  of  the 
edge.  Having  the  headquarters  join  the 
edge  increases  our  market  opportunity. 

We  introduced  a  product  about  a  year 
ago  called  Riverbed  Services  Platform  (a 
virtual  server  environment  on  Riverbed's 
Steelhead  appliances  that  allows  you  to 
plug  in  five  other  software  modules  of 


services  you  would  place  in  your  branch 
office.  We’re  approaching  the  ability  to 
give  people  that  dream  of  the  one-box 
in  the  branch  office.  You  don’t  need  a 
separate  box  to  run  your  Windows  server 
anymore,  or  really  any  other  server  in 
your  branch  office).  Into  that  single  box 
you  can  plug  in  your  security,  your  media 
server,  your  media  streaming,  your  DNS, 
DHCP,  domain  controller,  your  print 
server,  your  Microsoft  Windows  server, 
anything  you  want. 

Then  we  have  a  market  in  the  data  cen¬ 
ter,  the  connection  back  to  the  edge.  You 
have  to  have  a  Steelhead  at  either  end 
of  the  link.  So  we  have  great  big  honkin’ 
Steelheads  —  one  of  which  we  just  intro¬ 
duced,  the  7050  —  that  allow  for  mas¬ 
sive  scale  in  the  data  center  for  people 
to  connect  to  the  branch  offices.  Then 
further,  the  connection  to  the  backup  and 
recovery  data  center  for  storage  to  be 
sent  over  the  WAN  instead  of  by  tape. 

Cisco  grew  primarily  through 
acquisition.  Is  that  the  model  for 
Riverbed? 

We've  grown  organically  through  our 
inside  development  and  we  desire  to  do 
acquisitions.  We  acquired  Mazu  Net¬ 
works,  (whose  products)  we  now  market 
as  our  Cascade  product.  That’s  a  network 
performance  management  and  secu¬ 
rity  product  that  plugs  in  very  naturally 
with  the  Steelhead.  The  whole  Layer-7 
world  is  still  somewhat  new  so  there  are 
fewer  attractive  targets  for  us  in  terms  of 
acquisition.  But  we’re  interested  in  doing 
that.  We  have  a  high  bar  about  what  we 
would  acquire.  But  we’ve  got  plenty  of 


cash,  we’ve  got  plenty  of  management 
bandwidth.  If  we  can  find  good  targets, 
we  will  expand  by  acquisition. 

Other  technologies  in  the  past  have 
become  simply  features  that  live  on 
other  devices.  How  long  before  that 
happens  with  WAN  optimization? 

Cisco  hasn’t  done  very  well  in  this 
market.  They  were  going  to  put  [WAN 
optimization]  as  a  blade  in  a  router.  Well 
that’s  not  a  natural  place  for  it. 

Basically  we  put  a  powerful  server  at 
either  end  of  a  wide-area  network  link 
that  has  a  lot  of  processor,  disk,  and 
memory.  And  you  need  all  those  to  do 
the  magic  of  compression,  de-duplication 
and  acceleration.  Routers  and  VPNs, 
basically  they’re  just  little  CPUs,  hardly 
any  memory,  no  disk,  hardly  any  compute 
processor  at  all.  In  fact,  the  box  that  sup¬ 
ports  a  router  has  nothing  whatsoever 
in  common  with  the  box  that  supports 
network  acceleration.  It's  much  more 
natural  to  stick  a  router  in  [acceleration 
gear].  We  announced  within  the  last  three 
months  a  partnership  with  Vyatta,  which 
makes  a  small  router  that  just  plugs  into 
a  Steelhead  box.  It’s  more  natural  to  put 
that  in  a  slot  in  a  Steelhead  box  than  it 
is  try  to  put  a  big  server  tacked  kind  of 
artificially  onto  a  router.  Cisco  has  this 
ISR  box  where  they  have  a  slot  for  a  WAN 
optimization  board.  There’s  no  other 
integration. 

How  do  you  compete  against  a 
company  like  Cisco  that  has  such 
a  wide  product  range  and  has 
really  strong  customer  support? 

If  you  have  the  right  product  of  the  right 
quality  and  the  right  market  window, 
you  have  a  chance  to  have  a  good  win. 
The  fact  that  Riverbed  exists  is  just  a 
testament  to  how  much  more  superior 
our  product  must  be.  Because  if  it  wasn’t 
we’d  have  been  dust  a  long  time  ago. 

But  their  expertise  was  never  in  Layer  7. 
That's  not  a  place  they  have  any  history 
of  being  in,  a  history  of  success  in.  They 
went  against  F5  (Networks)  a  long  time 
ago  and  F5  beat  them  handily  there  and 
so  have  we.  There  are  no  supermen,  and 
I  think  competing  nine  years  with  Cisco,  I 
can  tell  you  they  are  not  supermen. 
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IT  managers  under  pressure  to  automate  more 


BYANN  BEDNARZ 

THE  PROLIFERATION  of  virtualization 
technologies  is  putting  pressure  on  IT  teams 
to  start  automating  more  processes.  With 
little  room  in  the  budget  for  new  products, 
it’s  critical  that  companies  prioritize  their 
investments. 

IT  teams  need  to  be  more  rigorous  about 
adopting  standard  processes,  and  they 
need  management  software  to  make  sure 
the  processes  are  executed  consistently  and 
automatically. 

“With  tight  budgets,  we  knew  weren’t  going 
to  get  more  staff,  so  we  had  to  find  a  way  to 
make  our  current  technicians  more  efficient, 
make  better  use  of  their  time  and  take  away 
the  drudge  work  from  them,”  says  Rick  Har¬ 
rison,  MIS  director  for  the  city  of  Columbia, 
Tenn.  The  city  chose  the  KBox  appliance  from 
RACE  (now  owned  by  Dell)  to  automate  soft¬ 
ware  distribution,  configuration  management 
and  help  desk  functions.  It’s  saving  thousands 
of  IT  man-hours  annually,  Harrison  says. 

For  companies  looking  to  gain  manage¬ 
ment  efficiencies,  here  are  five  ideas  for  how 
to  best  allocate  your  time  and  resources. 

1  Consolidate  management 
■  tools  across  the  enterprise 

“Most  companies  have  a  lot  of  redundant  tools. 
They’ve  got  to  refine  that  portfolio  of  tools 
and  get  rid  of  overlapping  tools,”  says  Glenn 
O’Donnell,  an  analyst  at  Forrester  Research. 

While  companies  will  always  need  tools 
targeted  at  specific  IT  domains,  in  the  bigger 
picture  it’s  important  to  manage  the  broader  IT 
services  rather  than  specific  technology  silos. 
“Consolidating  tools  offers  many  benefits, 
including  real  tool  integration,  better  service 
perspective,  quicker  incident  resolution  and 
higher  service  reliability,”  O’Donnell  says. 

Plus,  there’s  buying  leverage  to  be  gained 
if  IT  groups  can  collaborate  and  agree  on  a 
single  tool  that  satisfies  multiple  needs.  “It’s 
more  effective  if  you  come  together,  figure 
out  the  features  you  each  need,  and  see  if  you 
can  get  it  from  one  tool,”  says  Jasmine  Noel, 
founding  partner  at  Ptak,  Noel  &  Associates. 

Oracle  just  went  through  a  project  to  retire 
piecemeal  network  monitoring  and  manage¬ 
ment  tools  in  favor  of  a  single,  consolidated 
system  from  Monolith  Software. 

“The  real  driving  force  for  us  was  the  sav¬ 
ings  on  integration,”  says  Craig  Yappert, 
senior  director  of  enterprise  monitoring  solu¬ 
tions  at  Oracle.  “If  I  had  to  continue  to  integrate 
six  or  seven  different  tools  into  my  business 


Virtual  effect 

Virtualization  is  driving  enter¬ 
prise  IT  departments  to  refine 
operations  and  invest  in  new 
technologies,  according  to  257  IT 
professionals  surveyed  by 
Forrester  Research. 

Planned  actions  to  improve  IT's 
operational  productivity  and  quality 

■  Implement  or  expand  virtualization 
(cited  by  50%) 

■  Standardize  platforms  (41%) 

■  Adopt  or  expand  IT  service  management 
principles  (37%) 

■  Implement  or  expand  systems 
management/monitoring  tools  (36%) 

■  Retrain  staff  for  emerging  skill 
requirements  (35%) 

■  Implement  or  expand  automation 
technologies  (34%) 


process  every  time  something  changed,  I  was 
taking  a  huge  hit  in  time  and  valuable  people 
resources  to  do  that  integration.” 

2  Invest  in  network 

■  configuration  and  change 
management  (NCCM)  tools 

Network  pros  need  tools  that  will  auto¬ 
matically  recognize  when  new  end  points 
are  added  to  the  network.  “Getting  you  the 
data  more  quickly  about  what  has  changed 
requires  more  automated  discovery  and 
automated  monitoring,”  says  Jim  Frey, 
research  director  at  Enterprise  Management 
Associates. 

NCCM  tools  can  help  alleviate  staffing 
crunches,  too.  “Skilled  networking  labor  is 
expensive  and  growing  scarcer.  Much  of  the 
work  done  on  networks  is  repetitive  and  only 
requires  skilled  people  because  of  the  cryptic 
interfaces  to  perform  the  work,”  O’Donnell 
says.  “NCCM  tools  delegate  much  of  this  work 
to  lower-skilled,  less  expensive  staff,  increase 
reliability  through  consistent  execution,  and 
increase  productivity  for  all,  skilled  and  non- 
skilled  alike.” 

3  Increase  application 
■  awareness 

Network  managers  need  to  look  at  network 
performance  data  not  in  isolation  but  alongside 


information  about  active  applications  and 
services,  who’s  using  them,  and  what  kind  of 
experience  users  are  getting,  Frey  says. 

“Make  sure  you  have  awareness  of  not  just 
what’s  in  your  network  but  how  it’s  being 
used  to  deliver  applications  and  services,” 
Frey  says.  “It’s  surprising  to  me  how  many 
shops  still  don’t  know  what  apps  are  being 
used  on  the  network,  which  ones  are  really 
driving  the  use  of  the  network,  and  which 
ones  oftentimes  are  the  source  of  problems 
when  there  are  slowdowns.” 

4  Pay  for  analysis, 

■  not  monitoring 

Simply  collecting  and  plotting  data  is  passe. 
“Steer  [your  money]  towards  more  advanced 
products  that  will  analyze  the  collected  data 
for  you,”  O’Donnell  says.  “It  is  senseless  to 
pore  over  charts  and  graphs  with  the  naked 
eye  when  sophisticated  mathematical  algo¬ 
rithms  are  available  to  sift  through  all  of  this 
noise  for  you. 

Vendors  such  as  BlueStripe,  NetScout, 
Netuitive,  Network  Instruments,  OPNET 
and  Splunk  have  analysis  products  that  can 
tell  you  something  meaningful,  he  says. 

The  engine  in  Monolith’s  platform  lets  Yap¬ 
pert  analyze  the  business-level  impact  of  an 
IT  event,  not  simply  the  device-level  impact. 

“Now  we’re  able  to  tag  and  organize  those 
devices,  and  the  events  that  happen  against 
those  devices,  around  that  business  grouping,” 
Yappert  says.  When  a  switch,  router  or  firewall 
has  a  problem,  “we  have  an  understanding  of 
what’s  impacted  by  that,  at  a  business  level.” 


5  Exploit  untapped 

■  capabilities  in  toolsets 


Very  few  managers  fully  utilize  the  tools 
they  own,  and  it’s  worth  it  to  put  the  time  in 
to  discover  how  existing  tools  can  fill  func¬ 
tional  gaps.  “Spend  a  little  time,  get  out  the 
manuals,  and  figure  if  there  are  other  features 
within  the  tools  you  own  that  you’re  not  tak¬ 
ing  advantage  of,”  Frey  says. 

Vendors  also  can  often  provide  free  connec¬ 
tors  to  other  management  tools,  via  technology 
partnerships,  that  save  companies  from  hav¬ 
ing  to  do  the  integration  work  themselves. 

Put  the  onus  on  vendors  to  highlight 
untapped  offerings  and  capabilities,  Noel 
adds.  After  all,  it’s  in  their  best  interests:  The 
more  IT  uses  a  product,  the  more  indispens¬ 
able  it  becomes.  “Tell  them  to  make  it  easy  for 
you  to  start  using  the  features  you  haven’t 
tried  yet,”  Noel  says.  ■ 
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HP  ProLiant  DL385  G7  Server 

•  AMD  Opteron™  Processor  Model  6134 

•  4  GB  memory,  up  to  256  GB  Max 

•  Up  to  8  small  form  factor  high-performance  SAS  hard  drives 
with  standard  cage.  Or  up  to  16  SFF  or  6  IFF  hard  drives  with 
optional  drive  cages. 

•  Integrated  Lights-Out  3  (iLO  3)  providing  industry-leading 
management  and  powerful  administration 

$2,599  (Save  $498) 

Lease  for  just  $69/mo.* 

■■ESI  (PN:  605869-005) 


1  Based  on  HP  internal  testing  comparing  hardware  on  HP  ProLiant  DL380  G4  to 
HP  ProLiant  DL385  G7. 

2  Source:  IDC  white  paper  sponsored  by  HP  Gaining  Business  Value  and  ROI 
with  HP  Insight  Control,  May  2009. 

Copyright  ©  2010  Hewlett-Packard  Development  Company,  L.P. 

AMD,  the  AMD  Arrow  logo,  AMD  Opteron  and  combinations  thereof  are 
trademarks  of  Advanced  Micro  Devices,  Inc. 


Calculate  your  ROI  and  register  for  The  Time  is  Right  to 
Transform  the  Data  Center  and  The  Next  Generation  HP 
ProLiant  Server  Line:  A  Powerful  Platform  for  Virtualization 
white  papers  at  hp.com/servers/unleash9 


20  YEARS 

OF  x86  SERVER  INNOVATION 

Prices  shown  are  HP  Direct  prices;  reseller  and  retail  prices  may  vary.  Prices  shown 
are  subject  to  change  and  do  not  include  applicable  state  and  local  taxes  or  shipping 
to  recipient's  address.  Offers  cannot  be  combined  with  any  other  offer  or  discount  ana 
are  good  while  supplies  last.  All  featured  offers  available  in  U.S.  only.  Savings  based  on 
HP  published  list  price  of  confiqure-toorder  equivalent  (DL  Server:  $3,097-$498  instant 


savings  =  bmart  Buy  price  ot  J7,Dyy.l  financing  available  through  Hewlett-Backard 
Financial  Services  Company  and  its  subsidiaries  (HPFSC)  to  qualified  commercial 
customers  in  the  U.S.  and  is  subject  to  credit  approval  and  execution  of  standard  HPFSC 
documentation.  Prices  shown  are  based  on  a  lease  48  months  in  term  with  a  fair  market 
value  purchase  option  at  the  end  of  the  term  and  are  valid  through  July  31,  2010.  Other 
rates  apply  for  other  terms  and  transaction  sizes.  Financing  is  available  on  transactions 
greater  than  $349.  Other  charges  and  restrictions  may  apply.  HPFSC  reserves  the  right  to 
change  or  cancel  this  program  at  any  time  without  notice.  This  offer  cannot  be  combined  with 
any  other  rebate,  discount  or  promotion  without  prior  approval  by  HP  and  HPFSC.  Rates  are 
based  on  customer's  credit  rating,  financing  terms,  offering  types,  equipment  type  and  options. 
Not  all  customers  may  qualify  for  these  rates.  Other  restrictions  may  apply.  HPFSC  reserves  the 
right  to  change  or  cancel  this  program  at  any  time  without  notice. 


faster  server  ROI. 


Servers  that  pay  for  themselves  in 
as  little  as  2  months:  next  generation 
HP  ProLiant  servers  powered  by 
AMD  Opteron™  6100  Series  processors.1 


Is  an  aging  IT  infrastructure  costing  you  money? 
Now  is  the  time  to  unleash  the  full  potential  of  your 
business  with  next  generation  HP  ProLiant  servers 
powered  by  AMD  Opteron™  6100  Series  processors: 

•  23  to  1  server  consolidation  ratio1 

•  96%  or  more  energy  and  cooling  savings1 

•  $48,380  saved  per  100  users2 

Accelerate  your  business  and  lay  the  groundwork  for  the 
HP  Converged  Infrastructure,  the  road  map  to  greater  IT 
efficiency.  And  unleash  faster  server  ROI  today. 


Outcomes  that  matter. 


TREND  ANALYSIS 


How  to  roll  out  full  disk  encryption  on  your  PCs 

Full  disk  encryption  is  key  to  meeting  compliance  rules,  but  watch  out  for  those  Macs 


BY  BOB  BROWN 

HARDLY  A  week  goes  by  when  some  orga¬ 
nization  or  another  doesn’t  lose  some  laptops 
and  face  a  litany  of  IT  security  questions.  One 
that  always  comes  up  is:  Were  the  systems’ 
disks  fully  encrypted? 

Sometimes  the  answer  is  “Yes”,  but  plenty 
of  organizations  have  yet  to  make  the  leap  to 
full  disk  encryption. 

I  asked  Michael  Kamens,  information  secu¬ 
rity  officer  at  WGBH  Educational  Foundation 
in  Brighton,  Mass.,  to  lay  out  the  basics  of 
what  desktop  and  laptop  encryption  entails 
since  he’s  been  spearheading  an  encryption 
project  involving  hundreds  of  computers  at 
his  organization. 

If  an  IT  shop  is  starting  from 
scratch,  what’s  technically  involved 
in  encrypting  PCs  and  laptops? 

It  is  a  huge  undertaking  as  each  computer 
must  be  touched,  first  by  pushing  the  agent 
out,  and  second  it  must  be  configured  by  the 
user.  By  configuration,  the  service  desk  must 
show  the  end  user  how  to  set  up  a  secure  pass- 
phrase  that  will  allow  their  computer  to  move 
past  the  BIOS.  Additionally,  the  encryption 
process  takes  anywhere  from  four  to  six  hours 
and  does  impact  the  speed  of  the  computer,  so 
it  should  be  run  after  hours.  Probably  the  big¬ 
gest  source  of  errors  is  not  disabling  the  hard 
drive  from  going  to  sleep,  which  will  stop  the 
process  from  completing. 

What  are  the  benefits  of  desktop 
and  laptop  encryption  from  a 
compliance  standpoint? 

It  is  mandatory  under  MA  Privacy  Law  201 
CMR 17  and  under  Payment  Card  Industry 
Data  Security  Standards  on  any  computer 
containing  Personal  Identifiable  Informa¬ 
tion  (PII)  and/or  credit  card  data.  The  real 
benefit  is  that  a  lost  laptop  that  “might”  con¬ 
tain  such  data  will  be  unreadable  to  anyone 
other  than  the  company  and/or  owner.  This 
provides  a  safeguard  that  eliminates  the  risk 
of  violation  as  today  most  companies  have 
difficulty  knowing  exactly  what’s  stored  on 
the  computer.  But  the  question  I  raise  at  my 
presentations  is:  Can  you  afford  to  be  on  the 
front  page  of  your  newspaper  or  the  6  and  11 
o’clock  news?  The  obvious  answer  is  every¬ 
one  should  encrypt  to  protect  privileged 
data  from  being  read  if  (really  when)  a  laptop 
is  stolen. 


Are  there  separate  challenges  in 
encrypting  Macs  vs  Windows  PCs? 

There  are  only  two  companies  that  offer  Mac 
encryption  —  PGP  and  Check  Point,  and  since 
Apple  does  not  play  nice  in  the 
sand  box,  the  vendors  cannot 
deliver  a  single  sign-on  solu¬ 
tion.  On  a  PC,  once  you  enter 
your  passphrase  on  boot  up, 
you  are  automatically  logged 
into  the  network.  However, 
with  a  Mac,  you  must  enter  your 
encryption  password  and  then 
you  are  presented  the  network 
log-in,  which  requires  another 
log-in.  Additionally,  during 
your  project  installation  phase 
you  must  ensure  that  every  OS 
is  compatible.  One  stumbling 
block  is  that  only  Intel-based 
Macs  can  be  encrypted  today, 
which  could  have  an  impact  if 
you  have  PowerPCs  that  can¬ 
not  be  encrypted,  requiring 
replacement  or  no  encryption. 

Is  there  any  reason 
to  go  with  third-party 
tools  when  vendors 
offer  their  own  (like 
Microsoft’s  BitLocker 
for  Windows  7)? 

You  must  use  a  third-party  ven¬ 
dor  as  the  PC  and  OS  vendors’ 
offerings  (Apple  and  Microsoft) 
are  not  geared  for  truly  effec¬ 
tive  centralized  management. 

Without  centralized  management  you  don’t 
have  an  easy  way  to  manage,  recover  lost 
passphrases  or  view  all  encrypted  computers 
to  see  their  status.  We  use  PGP  and  users  do 
forget  their  PGP  passphrase.  The  centralized 
management  console  allows  us  to  provide  a 
32-bit  one-time  unlock  token  that  we  give  to 
the  user.  Since  security  is  critical,  whenever 
we  request  this  token  (every  token  is  differ¬ 
ent  for  every  computer  —  no  universal  token) 
we  are  prompted  with  a  pop-up  informing  us 
that  all  actions  are  tracked  and  audited.  Just 
think  if  you  don’t  have  the  ability  to  provide 
an  unlock  token,  you’d  have  to  format  these 
computers  and  re-image. 

What  are  the  human  (as  opposed 
to  technical)  challenges  in 
encrypting  desktops  and  laptops? 


You  must  be  tough  —  as  in,  it’s  my  ball  and  my 
glove,  so  if  you  want  to  play  you  need  to  do  as  I 
say.  We  do  not  make  the  choice  of  encryption 
optional.  If  you  are  in  a  protected  class,  your 
computer  is  encrypted.  We 
have  IT,  HR,  legal,  finance  and 
executives  in  the  protected 
class  in  addition  to  those 
handling  credit  cards  and/ 
or  intellectual  property  and 
privileged  information. 

Is  it  expensive? 

Depending  on  number  of 
licenses,  the  cost  can  range 
between  $150  to  $200  per 
user,  plus  the  cost  for  vendor 
professional  services  to  assist 
in  the  installation,  configura¬ 
tion,  roll-out  and  training  the 
trainer.  So  is  it  expensive  when 
compared  to  the  cost  of  fines  for 
violating  privacy  laws  or  PCI, 
which  can  run  in  the  millions 
not  to  mention  brand  damage? 
I  think  it’s  a  bargain. 

Is  it  time  consuming? 

To  do  it  right  with  Macs  and 
Windows  I  would  say  two 
support  people  can  do  10  to  25 
machines  a  day  as  long  as  you 
have  the  ability  to  push  the 
clients  out  and  can  dedicate 
resources.  In  our  case,  JAMF 
Software’s  Casper  and  Micro¬ 
soft’s  System  Center  Configu¬ 
ration  Manager  is  used  to  push  out  the  agent. 
One  area  that  most  do  not  account  for  is  the 
time  for  user  training. 

Any  tricks  or  tips? 

Most  vendors  will  provide  you  with  the  abil¬ 
ity  to  do  a  proof  of  concept.  We  used  the  ven¬ 
dor’s  hosted  servers  rather  than  build  our 
own,  which  really  made  it  easier  and  faster. 
You  must  plan  on  who  is  getting  encryption 
to  get  a  valid  number  of  licenses.  The  use 
of  vendor  professional  services  I  consider 
critical  in  the  success  of  your  rollout  —  or 
prepare  to  spend  a  lot  of  time  calling  sup¬ 
port.  Remember  to  ask  your  vendor  if  their 
product  works  with  your  mix  of  computers 
and  then  make  them  prove  it.  Finally,  set  up 
end  user  training  to  reduce  the  amount  of 
support  calls.  ■ 


be  encrypted 
to  protect 
privileged  data 
from  being 
read  if  (really 
when)  a  laptop 
is  stolen. 

MICHAEL  KAMENS, 

INFORMATION 
SECURITY  OFFICER, 

WGBH  EDUCATIONAL 
FOUNDATION 
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►  Intel ,  from  page  1 

McAfee  CEO  Dave  DeWalt  wrote 
that  the  “current  cybersecurity 
model  isn’t  extensible  across  the 
proliferating  spectrum  of  devices.... 

The  industry  needed  a  paradigm 
shift,  incremental  improvements 
can’t  bridge  the  opportunity  gap.” 

Intel  CEO  Paul  Otellini  got  more 
specific:  “We  believe  that  security 
will  be  most  effective  when  enabled 
in  hardware.” 

The  combination  of  compa¬ 
nies  —  McAfee  would  operate  as  a 
subsidiary  within  Intel’s  Software 
and  Services  Group  —  could  also 
open  up  new  sales  opportunities. 
“Everywhere  we  sell  a  micropro¬ 
cessor,  there’s  an  opportunity  for 
a  security  suite,”  Otellini  said  of 
what  would  be  the  biggest  deal  in 
Intel’s  history.  Though  he  stressed 
that  Intel  is  open  to  working  with 
other  security  companies  as  well. 

While  it’s  not  immediately  clear 
what  impact  the  deal  will  have  on  corporate 
customers,  industry  watchers  weren’t  shy 
about  issuing  warnings. 

“It  scares  me,”  says  Gartner  Research  Direc¬ 
tor  Peter  Firstbrook,  who  worries  about 
whether  the  deal  will  distract  the  security 
company  from  efforts  such  as  uniting  its 
assorted  security  projects  under  the  ePolicy 
Orchestrator  system.  He  also  has  concerns 
for  customers  with  heterogeneous  hardware 
environments  that  Intel  and  McAfee  tech¬ 
nologies  might  become  too  entwined  to  the 
exclusion  of  others. 

However,  Firstbrook  does  acknowledge 
that  McAfee  could  bring  Intel  R&D  that  will 
improve  its  processors  and  provide  hooks 
into  its  hardware  that  could  be  exploited  by 
McAfee  and  other  security  vendors. 

Forrester  Research  analyst  Andrew  Jaquith 
questions  the  premise  of  tying  security  so 
tightly  to  hardware.  “I  am  not  convinced  that 
a  hardware-based  strategy  for  security  will 
resonate  with  enterprise  buyers,”  he  wrote.  If 
you  need  convincing,  ask  yourself:  how  many 
of  the  PCs  in  your  organization  run  Intel  vPro- 
capable  hardware?  Don’t  know  the  answer? 
Right:  this  is  exactly  my  point.  Despite  Intel’s 
efforts  to  add  more  differentiating  ‘profes¬ 
sional’  features  on  and  around  their  core  pro¬ 
cessor  silicon,  these  are  seen  as  a  bonus,  rather 
than  the  centerpiece  of  enterprise  manage¬ 
ment  strategies.  It  is  hard  to  see  how  ‘McAfee 
Inside’  would  work  out  any  differently.” 

Allan  Krans,  senior  analyst  for  Technol¬ 
ogy  Business  Research,  says  the  deal  is  not 
without  challenges,  but  does  think  it  could 
result  in  IT  shops  seeing  a  difference  in  how 


Security  software  leaders 

Intel  immediately  would  become  a  huge  player  in 
security  if  its  McAfee  buyout  goes  through. 
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GARTNER  PREDICTS  2010  WILL  SEE  A 

11.3%  GROWTH 

TO 

$16. 5B  WORLDWIDE 


security  is  delivered. 

“The  prospect  is  clearly  there  to  embed 
more  security  features  right  into  the  chipset, 
whereas  now  a  lot  resides  above  the  hardware 
and  even  operating  system  level,”  he  says. 
“Some  of  the  security  features  customers  cur¬ 
rently  pay  separately  for  may  be  embedded  in 
the  hardware  as  a  result  of  this  acquisition.” 

Software  security  market  upshot 

The  proposed  buyout  also  raises  many  ques¬ 
tions  regarding  the  security  software  market, 
which  Gartner  expects  will  grow  as  much  as 
11.3%  to  $16.5  billion  this  year.  McAfee  —  with 
about  $2  billion  in  revenue  last  year  and  6,100 
employees  —  is  currently  the  No.2  company 
in  the  market  behind  Symantec,  but  a  hungry 
pack  of  vendors  including  Trend  Micro,  IBM, 
HP  and  Cisco  is  also  fighting  for  its  share. 

Krans  notes  that  the  deal  would  make 
Trend  Micro  the  only  true  pure-play  security 
vendor  among  the  biggest  players,  eliminat¬ 
ing  one  of  McAfee’s  current  differentiators 
vs.  Symantec,  which  also  sells  storage  and 
systems  management  tools. 

Symantec  holds  just  over  20%  of  the  secu¬ 
rity  software  market  worldwide,  and  while 
that’s  not  bad,  it’s  actually  down  from  the 
24.11%  share  it  had  in  2007  and  the  company 
recently  warned  of  cautiousness  among  tech 


buyers.  The  company’s  stock  price 
rose  following  the  announcement 
of  the  Intel-McAfee  deal,  with 
speculation  Symantec  itself  might 
be  the  next  security  company  to 
find  a  suitor. 

“The  competitive  landscape  for 
us  is  changing,”  says  Bill  Robbins, 
Symantec  executive  vice  presi¬ 
dent  of  worldwide  sales,  discuss¬ 
ing  the  overall  market  prior  to  the 
Intel-McAfee  announcement. 

Symantec  just  spent  many 
millions  of  dollars  to  buy  PGP, 
GuardianEdge  and  VeriSign’s 
authentication  business  to  get 
encryption  and  certificate  tech¬ 
nologies.  (Trend  Micro  will  soon 
be  unveiling  some  encryption- 
related  plans  as  well.) 

Such  diversification  isn’t  a 
bad  idea,  since  selling  security 
to  the  enterprise  is  increasingly 
a  matter  of  having  lots  of  differ¬ 
ent  enticements  to  offer  the  cus¬ 
tomer  —  sometimes  a  giveaway 
in  a  bundled  offering.  “I’ve  seen  deals  where 
the  encryption  is  free,”  noted  Gartner  analyst 
Neil  McDonald,  discussing  the  topic  recently. 

Though  fellow  Gartner  analyst  Firstbrook 
isn’t  quite  sure  how  some  of  McAfee’s  products, 
including  firewalls  and  secure  Web  and  e-mail 
gateways,  will  fit  into  Intel’s  long-term  plans. 
He  also  questions  how  the  companies’  cul¬ 
tures  will  mesh,  describing  Intel’s  as  staid  and 
McAfee’s  as  more  aggressive  in  that  it  is  used 
to  reacting  quickly  to  the  latest  cyberthreat. 

McAfee’s  big  push  of  late  has  been  security 
for  smartphones,  including  the  iPhone  and 
Android-based  devices,  whether  in  the  hands 
of  the  consumer  or  the  business  person. 

To  that  end,  McAfee  recently  acquired 
mobile-device  management  vendor  Trust 
Digital,  used  in  the  enterprise,  and  Singapore- 
based  tenCube  in  the  consumer  area.  Syman¬ 
tec’s  approach  so  far  has  been  to  develop 
software  in-house,  including  its  Mobile  Man¬ 
agement  product  introduced  last  November. 

McAfee’s  recent  acquisitions  are  seen  as 
being  a  good  fit  with  Intel’s  vision  of  securing 
all  Internet-connected  devices  —  the  5  bil¬ 
lionth  of  which  this  month  is  expected  to  be 
plugged  in,  according  to  IMS  Research.  Those 
deals,  and  Intel’s  proposed  buyout  of  McAfee, 
also  would  seem  to  fit  with  Intel’s  acquisi¬ 
tion  last  summer  of  Wind  River,  a  maker 
of  embedded  technologies  used  in  mobile 
devices.  Otellini  says  that  the  McAfee  buy¬ 
out  supports  Intel’s  contention  that  security, 
along  with  Internet  connectivity  and  energy 
efficiency,  are  the  three  most  important  pil¬ 
lars  of  computing  today.  ■ 

IDG  News  Service  contributed  to  this  story. 
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►  School ,  from  page  1 

1  802.11n  and  all-wireless  access 

■  802.11n  Wi-Fi  campus  deployments 

are  growing  and  increasingly  eliminating 
wired  wall  jacks  and  switch  ports. 

University  of  North  Texas  in  Denton  took 
the  802. lln  plunge,  replacing  a  “hodge¬ 
podge”  of  802.11b  and  802.11g  access  points 
with  about  250  to  300  lln  access  points  from 
Aruba  Networks,  says  Joe  Adamo,  senior 
director  of  communications  services  at  UNT. 

Schools  with  802.11n  deployed  are  seeing 
big  changes.  Brandeis  University  in  Waltham, 
Mass.,  recently  renovated  four  dorms,  offering 
only  802.11n  wireless  connectivity.  “We’ve  seen 
an  abandonment  of  the  wired  infrastructure” 
by  users,  says  John  Turner,  Brandeis’  director 
of  networks  and  systems.  The  estimated  cost 
for  rewiring  the  four  buildings  was  $200,000. 
The  final  cost  of  the  Aruba  Networks  WLAN 
deployment  for  the  four  buildings  was  less 
than  $80,000. 

Morrisville  State  College  in  New  York  is 
likewise  making  wireless  the  default  net¬ 
work  access  in  all  new  or  rehabbed  dorms 
and  classrooms.  “That’s  a  huge  shift  in  IT’s 
historical  thinking,”  says  Jean  Boland,  the 
college’s  vice  president  for  administrative 
services  and  IT. 

2  The  rising  tide  of 
■  mobile  devices 

Many  incoming  freshmen  students  this  year 
have  more  than  one  mobile  device.  Laptops 
plus  smartphones  (or  a  Wi-Fi-only  device 
such  as  the  Apple  iPod  touch),  and  in  some 
cases  wireless  game  controllers,  are  a  typical 
combination.  Apple’s  iPad  tablet  is  popping 
up  on  nearly  every  campus,  heralding  a  new 
type  of  mobile  device. 

More  campuses  are  trialing  the  use  of  these 
personal  mobile  devices,  either  as  comple¬ 
ments  or  even  replacements  for  the  decade- 
long  focus  on  student  laptop  computing.  Stan¬ 
ford  University  School  of  Medicine  will  hand 
out  iPads  to  its  91  incoming  first-year  med 
students.  George  Fox  University  in  Newberg, 
Ore.,  will  give  this  year’s  freshmen  a  choice  of 
either  an  iPad  or  a  MacBook  notebook. 

One  of  the  pioneers  in  “mobile  learning”  is 
Abilene  Christian  University  (ACU)  in  Texas. 
This  year’s  1,000  to  1,200  freshmen  will  be 
the  third  class  to  receive  a  choice  of  the  latest 
iPhone  —  in  this  case  the  iPhone  4  —  or  the 
Wi-Fi-based  iPod  touch. 

What’s  distinct  in  ACU’s  approach  is  that 
the  hardware  handout  has  been  accompanied 
by  a  concerted  effort  to  create  both  network 
and  learning  infrastructures  to  support 
extensive  use  of  the  devices  by  students.  This 


Students  are  bringing  multiple  devices  to  campuses,  creating  bandwidth  burdens  for  IT 
departments.  Read  a  longer  version  of  this  story  at  tinyurl.com/39x84c2. 


year,  the  campus  WLAN  is  being  upgraded 
to  802. lln,  with  lGbps  Ethernet  links  to  the 
Alcatel-Lucent  access  points. 

ACU  has  also  re-architected  its  weekly 
first-year  orientation  classes,  now  dubbed 
Cornerstone,  around  the  mobile  platform. 

“We  wanted  to  create  a  central  locus  to 
immerse  students  in  mobile  learning,  as  we 
had  been  doing  with  faculty  and  staff,”  says 
Arthur  Brant,  ACU’s  director  of  enterprise 
infrastructure.  Cornerstone  classes  will  intro¬ 
duce  students  to  the  handsets,  and  to  the  uni¬ 
versity’s  growing  portfolio  of  home-grown 
and  third-party  mobile  learning  applications 
and  online  resources. 

3  Recentralizing  IT 

■  through  virtualization 

In  many  schools,  demand  for  high-perfor¬ 
mance  computing  and  enormous  storage 
capacity,  coupled  with  the  need  to  realize  sav¬ 
ings  and  efficiencies,  is  driving  a  recentraliza¬ 
tion  of  IT  resources  through  virtualization. 

University  of  Maryland  at  Baltimore  is 
creating  a  common  computing  facility  in 
a  leased,  3,200-square-foot  space  just  off 
the  main  campus.  It  will  house  gear  from 
jammed-up  computer  rooms  on  campus,  and 
from  school  and  departmental  facilities.  But 
it  will  also  provide  high-end  data  processing 
and  storage  to  meet  advanced  computational 
and  research  needs,  says  Peter  Murray,  the 
institution’s  CIO. 

Virtualization  is  a  key  part  of  the  new  facil¬ 
ity.  “Virtualization  lets  us  give  folks  their 
own  separate  piece  of  the  needed  resources, 
without  having  [to  resort  to]  expensive  local 
resources,”  he  says.  The  new  site  will  be  fully 
operational  in  early  2011. 

Dartmouth  College  in  Hanover,  N.H.,  will 
create  170  virtual  machines  in  its  current 
fiscal  year,  nearly  doubling  the  100  it  has. 
It’s  part  of  a  consolidation  process  to  create 
a  cost-effective,  high-performance  compute, 
backup  and  storage  service,  in  two  data  cen¬ 
ters.  “Our  plan  is  to  build  an  environment 
that’s  attractive  to  our  professional  schools 
with  [currently]  their  own  data  centers  and 


resources,”  says  Ellen  Waite-Franzen,  Dart¬ 
mouth’s  CIO. 

Increasing  clouds 

■  In  tandem  with  such  virtualiza¬ 
tion  is  growing  use  of  cloud-based  services. 
Dartmouth  has  just  adopted  the  Microsoft 
Business  Productivity  Online  Services,  which 
are  online  versions  of  Exchange,  SharePoint, 
Office  and  other  Microsoft  applications.  The 
school  chose  Microsoft  over  Google’s  compa¬ 
rable  product  because  it  plans  to  integrate  the 
on-campus  Exchange  Server  with  the  cloud 
offering.  Dartmouth  is  also  evaluating  cloud 
offerings  via  Amazon  and  Rackspace. 

Brandeis  this  fall  will  complete  the  transi¬ 
tion  of  its  campus  e-mail  and  calendar  ser¬ 
vices  to  Google’s  online  equivalents. 

5  Bandwidth  or  bust 

■  All  the  foregoing  trends  are  leading 
to  big  bandwidth  upgrades  on  many  cam¬ 
puses.  Nearly  all  of  the  802.11n  deployments 
mentioned  here  make  use  of  lGbps  Ethernet 
backhaul  to  the  LAN. 

University  of  North  Texas  upgraded  its 
campus  distribution  network  from  1G  to 
lOGbps,  and  new  design  to  improve  redun¬ 
dancy,  UNT’s  Adamo  says. 

On  the  back  end,  Internet  bandwidth  is 
soaring.  Morrisville  more  than  doubled  its 
connection,  from  90Mbps  total  to  200Mbps. 
Franklin  W.  Olin  College  of  Engineering  in 
Needham,  Mass.,  did  exactly  the  same.  North 
Texas  University  ended  2010  academic  year 
hitting  about  300M  to  400Mbps  and  expects 
to  reach  500Mbps  in  the  new  academic  year. 

Campuses  are  paying  more  attention  to 
cellular  bandwidth.  Campus-wide  network 
upgrades  offer  the  opportunity  to  evaluate 
distributed  antenna  systems,  which  are  cables 
and  hardware  that  take  a  cellular  carrier’s  sig¬ 
nal  from  an  on-campus  headend  and  spread 
it  evenly  throughout  a  building.  Brandeis  is 
evaluating  this,  in  part  because  new  energy 
efficient  windows  in  new  or  rehabbed  build¬ 
ings  dramatically  weaken  cell  signals.  ■ 
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TOOLS 


IT  asked 
and  answered 

Ron  Nutter  tackles  your 
tough  tech  questions  at 

tinyurl.com/yg2o434 


Apple,  Adobe  and  laziness 


They  are  lazy ...  They  have  all  this  potential  to  do  interesting  things  but  they  just 
refuse  to  do  it.  ”  -  Apple  CEO  Steve  Jobs  as  reported  on  Wired.com. 


pple’s  CEO,  Steve  Jobs,  is  not 

one  to  mince  words.  At  his  January 
“Town  Hall”  employees  meeting  at 
Apple’s  HQ  Jobs’  response  to  a  ques¬ 
tion  about  the  possibility  of  Adobe’s 
Flash  being  allowed  to  run  on  the 
then  newly  launched  iPad  made  it 
clear  that  he  didn’t  think  much  of  Adobe’s  engineering. 


Mark  Gibbs’  Gearhead 


I  disagree  with  Jobs:  Only  someone  with  a 
myopic,  intentionally  blinkered  agenda  would 
make  such  a  ridiculous  remark.  Adobe  has  cre¬ 
ated  some  of  the  finest  content  development 
tools  available  and  as  a  consequence  Flash 
has  become  ubiquitous  while  Photoshop  has 
become  an  institution  in  the  photographic 
and  graphic  design  worlds. 

And  Photoshop  Lightroom 
is,  as  I  wrote  at  the  time, 

“remarkable.” 

In  that  review  I  was 
looking  at  the  beta  of  the 
first  version  of  Lightroom; 
since  then  the  product 
has  evolved  to  version  3 
and  in  the  process  gradu¬ 
ated  from  remarkable 
to  astounding.  Not  even 
remotely  is  Lightroom  the 
work  of  a  “lazy”  company. 

What  got  me  pondering 
Jobs’  remarks  was  a  recent 
adventure  I  had  with  iTunes:  On  my  Mac  I 
had  assigned  a  200GB  drive  for  my  music 
collection.  Alas,  this  volume  eventually  got 
used  up  and  when  just  24KB  was  left,  iTunes, 
not  unreasonably,  abandoned  downloading 
podcasts. 

As  I  have  a  lot  of  storage  available  on  my 
network  I  thought  I’d  move  my  iTunes  library 
off  the  Mac  on  to  a  Synology  DS1010+  that  I 
reviewed  back  in  February  ...  I  mean,  how 


hard  could  reconfiguring  iTunes  be?  Ha!  It 
turns  out  that  this  is  not  as  easy  as  you  might 
at  first  assume. 

After  a  little  Googling  it  appeared  the  best 
plan  was  to  set  aside  a  subdirectory  named 
‘iTunes”  on  the  default  “Music”  share  on  the 
DS1010+  and  reconfigure  iTunes  version  9 
(Preferences  |  Advanced) 
to  use  that  subdirectory  as 
its  “iTunes  Media  folder 
location”. 

You  also  need  to  make 
sure  that  “Copy  files  to 
iTunes  Media  folder 
when  adding  to  library”  is 
checked  to  be  sure  that  all  of 
your  content  will  be  moved 
to  the  target  location. 

So  far,  so  good.  Now  we 
need  to  get  iTunes  to  move 
its  content  to  the  new  loca¬ 
tion.  Under  File  |  Library  | 
Organize  Library  there’s 
an  option  “Consolidate  files”.  You  check  that 
and  click  OK  and  off  goes  iTunes  ...  until  it 
stops  with  the  message  “Copying  files  failed. 
An  unknown  error  occurred  (-51).” 

I  think  you  can  guess  what  comes  next:  Yep, 
nowhere,  at  least  nowhere  that  I  could  find,  is 
the  error  -51  documented.  Tell  me,  how  can  an 
“unknown”  error  have  a  number? 

I  assumed  the  problem  might  be  missing 
►  See  Gearhead,  page  18 


Adobe  has 
created  some 

of  the  finest 
content  devel¬ 
opment  tools 

available. 


I  work  in  a  company  with 
multiple  locations.  Two  of 
our  locations  are  using  a 
data-intensive  Web-based 
application,  and  they  complain 
about  slow  response  at  peak 
hours.  This  is  part  one  of  the 
issue.  Part  two  is  that  there 
is  a  “page  execution  error” 
message  shows  more  often 
during  the  slower  times;  it 
also  looks  like  a  customized 
message  (“a  message  has  been 
sent  to  your  administrator”). 

Q  There  are  several  things 
that  I  would  like  to  suggest: 

1)  I  would  install  Wireshark  on 
the  app  server  and  one  of  the  client 
machines.  Run  Wireshark  on  the 
workstation  with  a  filter  that  will 
only  capture  traffic  to/from  the 
app  server  in  question.  Repeat  this 
process  on  the  server  with  a  filter 
capturing  the  traffic  to/from  the 
workstation  you  are  testing  from. 
Do  this  at  two  different  times  -  one 
when  things  are  running  OK  and 
one  when  users  are  complaining 
about  the  problem.  Look  at  the  dif¬ 
ference  between  the  two  capture 
and  that  may  give  you  an  idea  of 
where  to  look  next. 

2)  Look  at  when  the  problem 
occurs  and  where  the  affected 
users  are  located.  If  you  arent 
already  using  a  QOS  model  on  your 
network,  this  might  be  a  good  time 
to  think  about  implementing  one. 

3)  When  looking  at  WAN  optimi¬ 
zation,  I  would  look  at  Riverbed.  I 
have  seen  this  work  wonders  with 
getting  more  throughput  out  of  the 
same  amount  of  bandwidth.  You 
mentioned  that  this  is  a  server  that 
also  talks  to  a  database  server.  You 
may  need  to  extend  the  Wireshark 
testing  to  also  include  the  database 
server. 
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The  iMo  Monster: 

A  quick  and  easy 
secondary  monitor 


Keith  Shaw's 
Cool  Tools 


THE 

SCOOP 


iMo  Monster 
10-inch 
touchscreen 
monitor 

by  MIMO  Monitors,  about  $260 


driver  installs,  giving  you  a  second  monitor 
installation.  I  can  see  this  being  useful  for 
people  who  would  like  the  additional  screen 
real  estate  that  a  second  monitor  has,  but 
who  don’t  have  the  desktop  space  available. 
The  iMo  is  also  small  enough  and  portable 
enough  to  take  along  on  the  road  if  you  want. 


►  What  it  is:  The  iMo  is  a  10-inch  display 
that  can  connect  to  your  PC  or  Mac  via  USB 
cables,  and  with  its  Display  Link  connection, 
can  extend  the  display  to  its  10-inch  space. 
This  lets  users  have  additional  screen  real 
estate  without  taking  up  a  lot  of  extra  space 
on  the  desktop,  unlike  other  monitors.  The 
iMo  supports  up  to  1,024  by  600  resolution, 
and  includes  touchscreen  capabilities  (you 
can  control  items  on  the  screen  with  your 
finger  or  built-in  stylus).  The  back  of  the  unit 
flips  open  like  a  kickstand,  and  you  can  use 
the  display  in  landscape  or  portrait  format. 
In  addition,  the  iMo  has  two  additional  USB 
ports  for  use  as  a  USB  hub. 


►  Some  caveats:  Getting  the  touchscreen 
functionality  on  the  iMo  Monster  to  work  was 
tricky  —  during  my  tests  I  was  only  able  to 
enable  the  touchscreen  when  my  first  display, 
a  regular  notebook  monitor,  was  in  “dupli¬ 
cate”  mode,  and  not  in  “extend  the  monitor” 
mode.  I  also  couldn’t  think  of  many  situations 
where  I  really  needed  a  touchscreen  on  a 
secondary  monitor  (this  probably  works  bet¬ 
ter  if  you  are  already  using  a  touchscreen  on 
your  primary  display).  Also,  paying  $260  for 
a  secondary  monitor  seems  pricey  when  you 
can  get  larger  monitors  for  less  money. 


►  Grade  ★★★★  4  stars  (out  of  five) 


iMo  eliminates 
the  need  for 
an  additional 
power  adapter. 


►  Why  it’s  cool:  The  big  selling  point  is 
the  iMo’s  ability  to  be  powered  by  the  USB 
cable,  which  eliminates  the  need  for  an 
additional  power  adapter  (although  one  is 
provided  if  your  PC  needs  the  extra  power) 
or  a  VGA  monitor  cable.  Setup  is  extremely 
simple  through  the  use  of  the  DisplayLink 
driver  —  just  plug  in  the  cable  and  the 


Shaw  can  be  reached  at  kshaw@nww.com. 


TRUE  FACT 

What  is  your 
organization’s 
spending  plans 
for  mobile 
devices  and 
mobile  device 
support? 

37 
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INCREASE 

45 

MODERATE 

INCREASE 

14 

FLAT 

3 

DECREASE 

1%:  DON'T  KNOW 
SOURCE:  ESG  RESEARCH 


►  Gearhead ,  from  page  17 

content  but  even  after  running  the 
“Super  Remove  Dead  Tracks”  Apple- 
script  (111  tracks  were  found  AWOL 
in  my  16,240  items)  the  problem  per¬ 
sisted  so  I  just  had  to  keep  re-starting 
the  transfer.  At  the  time  of  writing  I 
think  I’m  about  two-thirds  of  the  way 
through  having  re-started  something 
30  or  40  times. 

So,  no  error  recovery  and  no 
documentation  for  what  should  be 
a  straightforward  copying  process. 
Really,  Apple,  how  hard  could  this 
be?  I  can’t  be  the  first  person  this  error 
has  annoyed.  Why  hasn’t  Apple  fixed 
this?  Just  lazy  I  guess. 

Gibbs  perseveres  in  Ventura,  Calif. 
Your  annoyances  to  gearhead@ 
gibbs.com. 


Announcing: 


THE 

SECURITY 

STANDARD 


September  13-14, 2010 

Marriott  Brooklyn  Bridge  |  New  York,  New  York 


Produced  by  cso 


BUSINESS  RISK  LEADERSHIP 


Defending  the  Fortress: 

New  Threats  Meet  New  Defenses 


o 

\ 


'  ‘S'f 


m n 


■  * 


i  d  l  □  □  i  i  c: » ij  tiv 


I  % 

m 


t  Hi V 


□  i  □  m  □  n  □  □  i 


This  is  the  most  important  security  event  you’ll  attend  in  2010. 

With  an  information-packed  agenda  -  including  a  dedicated  Digital  ID  World  track  -  you’ll 
gain  real-world  insight  into  how  business  leaders  are  winning  against  today’s  security  and 
compliance  challenges. 

>-  Learn  how  to  achieve  business  and  competitive  advantage  by  embracing  new  advances  in 
information  security 

>  Network  with  some  of  the  most  influential  business  and  IT  security  leaders  from  across  the  nation 

>►  Be  one  of  the  first  to  see  results  revealed  from  a  groundbreaking  2011  Global  State  of  Information  Security 
Survey,  conducted  by  CSO  magazine  and  PricewaterhouseCoopers 

Featured  Speakers  Include:  Senior  IT  security  executives  from  MasterCard,  ADP,  the  U.S.  Cyber  Consequences 
Unit,  Ogilvy  &  Mather  Worldwide,  McKesson  Corp.,  ITT,  Bank  of  China/NY  and  Thomson  Reuters 

Register  now  for  the  early-bird  rate  at  WWW.thesecuritystandard.net/nyc2010ad  to  join  CSO  and 
senior-level  IT  security  executives  at  this  critically  important  IT  security  event. 
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SDonsorshiD  ODDortunities  Are  Available  Security  Standard  attracts  a  powerful  and  influential  audience  of  security  decision  makers. 
H  H  For  Sponsor  Opportunities,  contact  Per  Melker  at  508.935.4729  or  e-mail  pmelker@cxo.com. 


When  you  migrate  your 
Data  Center,  make  sure  to  go 


The  transformation  of  the  data  center  is  not  a  one-size-fits-all  proposition. 
Extreme  Networks®  Four  Pillar  strategy  for  moving  from  physical  to  highly 
virtualized  and  on  to  the  cloud  enables  enterprises  and  hosting  providers 
of  any  scale  to  migrate  their  networks  at  their  own  pace. 

Let  Extreme  Networks  show  you  how  the  data  center  network  is 
evolving  to  meet  the  challenges  of  next-generation  virtualization  and 
cloud  environments. 

Be  ready  when  you’re  asked  to  move  your  data  center  from  physical  to 
virtual  and  on  to  the  cloud. 


For  more  information  on  how  Extreme  Networks  can  help  you 
migrate  your  data  center,  download  our  latest  whitepaper. 


Extreme  Networks  Direct  Attach 

www.extremenetworks.com/newDC 


©  2010  Extreme  Ntworks,  Inc.  All  Rights  reserved.  Extreme  Networks  and  the  Extreme  Networks  logo  are  either  registered 
trademarks  or  trademarks  of  Extreme  Networks,  Inc.  or  its  subsidiaries  in  the  United  States  and  other  countries. 
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Who  has  the  better  virtualization 
platform:  Microsoft  or  Vmware? 


IT  is  being  served  by  a  combina¬ 
tion  of  vendors,  some  of  whom  are 
working  to  provide  a  clear  path 
forward,  and  others  that  are  strug¬ 
gling  to  hold  on  to  the  past.  VMware 
vSphere  represents  the  architecture, 
expertise  and  ecosystem  driving  a 
new  approach  for  IT,  enabled  by  vir¬ 
tualization  and  broadly  recognized 
as  cloud  computing. 

Since  pioneering  x86  virtualiza¬ 
tion  more  than  a  decade  ago,  VMware 
has  established  a  steady  track  record 
of  industry  firsts,  continually  advanc¬ 
ing  the  transformative  capabilities  of 
virtualization  through  our  flagship 
platform,  vSphere:  first  live  migra¬ 
tion,  first  integrated  network  distrib¬ 
uted  switch,  first  VM  fault  tolerance 
capabilities  —  the  list  goes  on. 

Over  the  years,  this  innovation 
has  increased  the  role  virtualization  plays  in  delivering  profound 
value  for  enterprises.  VSphere  capabilities  have  expanded  to  opti¬ 
mize  not  only  servers,  but  storage  and  network,  improving  quality 
of  service,  increasing  IT  agility  and  recasting  the  economic  model 
of  computing. 

But  the  transformation  in  the  market  is  not  just 
about  product  capabilities.  Rather,  the  central  role 
virtualization  now  plays  has  elevated  this  debate 
well  beyond  the  level  of  feature  functionality.  Cus¬ 
tomers  are  looking  for  a  complete,  proven  platform 
that  can  meet  the  stringent  needs  of  today  while  pro¬ 
viding  an  evolutionary  path  to  the  future.  There  is 
only  one  solution  that  meets  this  criteria:  vSphere. 

VSphere  is  the  most  proven  solution  in  the  mar¬ 
ket.  More  than  190,000  customers  trust  VMware 
virtualization  and  a  global  ecosystem  of  service 
providers  (more  than  1,700)  are  building  their 
cloud  services  on  vSphere. 

We  also  provide  the  most  combined  server,  stor¬ 
age,  networking,  applications  and  operating  sys¬ 
tems  support  with  more  than  1,300  technology 
partners.  Our  innovation  is  matched  by  our  com¬ 
mitment  to  quality  —  with  our  data  center  custom¬ 
ers  reporting  98%  product  satisfaction,  and  nine 
out  of  10  deploying  most  or  all  new  servers  as 
VMware  VMs  by  default. 

►  See  VM  ware,  page  22 


If  you  think  VMware  is  the  win¬ 
ner  of  this  conversation,  I’d  ask  you 
to  think  again.  IT  leaders  care  about 
deploying  a  platform  that  is  reli¬ 
able,  stable,  cost-effective  and  easily 
adapts  to  changing  business  needs.  A 
few  years  ago  virtualization  was  seen 
as  the  final  destination.  Now  it  is  clear 
this  technology  is  a  stepping  stone  to 
the  more  agile,  responsive  world  of 
cloud  computing. 

The  core  benefits  of  virtualization 
—  the  ability  to  consolidate  servers, 
quickly  provision  new  applications, 
automatically  back  up  systems 
—pale  in  comparison  to  the  speed 
and  cost  savings  possible  with  cloud 
computing. 

Am  I  suggesting  that  you  abandon 
virtualization  and  move  to  the  cloud? 
No,  make  the  transition  on  your  terms. 
There  are  situations  where  you’ll  want  to  keep  applications  within 
your  data  center.  However,  I’m  suggesting  when  you  evaluate  a  vir¬ 
tualization  platform,  one  of  the  most  important  things  to  consider 
is  how  easy  it  will  be  to  integrate  the  platform  with  the  cloud. 

Is  there  a  common  management  framework  so  you  can  manage 
your  on-premises  and  cloud  applications?  Is  there 
a  single  identity  service  that  spans  both?  Can  your 
existing  development  environment  and  applica¬ 
tions  run  in  both  locations? 

VMware  offers  a  virtualization  platform  that 
only  works  within  virtualized  data  centers.  Micro¬ 
soft  has  built  a  public  cloud  platform,  Windows 
Azure,  that  runs  on  multiple  data  centers  across 
the  world.  We  have  a  worldwide  network  of  ser¬ 
vice  provider  partners  who  can  help  you  move  to 
a  cloud  model.  As  a  result,  we  uniquely  offer  com¬ 
mon  application  development,  management  and 
identity  across  the  virtualized  data  center,  a  pri¬ 
vate  cloud  environment  and  the  public  cloud. 

This  year  Fortune  500  companies  CH2M  Hill 
and  Union  Pacific  swapped  VMware  for  Microsoft. 
They  aren’t  the  first  to  switch,  and  they’re  joined  by 
many  more  organizations  that  have  opted  to  use 
Hyper-V  alongside  VMware.  That’s  easy  because 
Microsoft  System  Center  allows  you  to  man¬ 
age  multiple  hypervisor  environments  and  the 

►  Sec  Microsoft,  page  22 


A  big  head 

start 

matters 


Bogomil  Balkansky  is 
vice  president,  product 
marketing,  Virtualization 
and  Cloud  Platforms  at 
VMware 


Who  has  the 
better  virtualiza¬ 
tion  platform? 

VMware  • 
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Microsoft 


Total  Votes:  590 

Cast  your  vote  and  see 
comments  at 

tinyurl.com/35h5sxw 


The 

destination 
has  changed 


David  Greschler  is 
director  of  virtualization 
strategy,  Server  and 
Tools  Business  at 
Microsoft 
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►  VMware,  from  page  21 

But  the  best  platform  also  needs  to  be  cost-effective,  and  cus¬ 
tomers  know  that  upfront  license  costs  do  not  tell  the  whole  story. 
A  more  holistic  view  of  total  cost  includes  virtualization  and  man¬ 
agement  software,  operating  system,  hardware,  electricity  and  data 
center  space  costs  across  all  virtualized  apps. 

VMware  delivers  up  to  30%  lower  cost-per-application  than 
so-called  “free”  products.  VMware  also  enables  lower  ongoing 
administrative  costs  by  automating  manually  intensive  tasks. 
Customers  report  an  average  30%  reduction  in  time  spent  on 
routine  administration  and  a  25%  or  more  reduction  in  overall 
operational  costs. 

While  we’re  proud  of  the  track  record  of  results,  the  future  of 
vSphere  is  even  more  exciting.  VSphere  enables  customers  to  take 
an  evolutionary  path  to  cloud  computing  by  playing  a  pivotal  role 
as  the  platform  for  private  cloud  computing  as  well  as  for  public 
cloud  offerings  at  global  service  providers. 

VSphere  also  serves  as  the  foundation  for  a  new  user  comput¬ 
ing  architecture  enabling  customers  to  modernize  decades-old 
desktop  computing  models  to  better  meet  the  needs  of  IT  and  the 
changing  state  of  user  computing.  And,  as  new  application  devel¬ 
opment  increasingly  takes  advantage  of  cloud  computing  models, 
vSphere  is  once  again  the  center  of  our  customers’  strategy. 

VSphere  is  the  industry’s  most  proven,  complete,  cost-effective 
virtualization  platform.  This  is  true  not  only  because  it  continues 
to  set  the  bar  as  the  most  advanced  solution  technologically,  but 
because  it  has  been  chosen  by  enterprises,  service  providers  and 
a  broad  ecosystem  of  partners  as  the  foundation  upon  which  the 
next  generation  of  IT  will  be  built.  ■ 

VMware,  the  global  leader  in  cloud  infrastructure,  delivers 
customer-proven  virtualization  solutions  that  significantly 
reduce  IT  complexity  and  energize  business,  while  saving  energy 
—  financial  human  and  the  Earth's. 


►  Microsoft ,  from  page  21 

applications  running  within  the  VMs. 

There  was  a  perception  among  early  adopters  of  server  virtu¬ 
alization  that  Microsoft  didn’t  have  a  rich  feature  set.  That’s  not 
the  case.  More  than  a  year  ago  we  further  simplified  and  expanded 
clustering  nodes,  and  added  live  migration  for  zero-downtime 
migrations  of  vVMs  between  Hyper-V  servers. 

Hyper-V  also  provides  high  availability  with  transparent  and 
automatic  failover  of  VMs.  With  service  pack  1  of  Windows  Server 
2008  R2,  we’re  adding  Dynamic  Memory  and  a  new  high-fidelity 
remote  desktop  protocol. 

At  Microsoft  we  believe  virtualization  is  so  critical  we’ve  made 
it  part  of  our  server  OS,  management  tools  and  cloud  strategy.  As 
a  result,  VMware  is  missing  critical  features:  the  ability  to  manage 
both  physical  and  virtual  machines;  the  ability  to  get  information 
about  the  application  running  within  the  VM  located  on-premises 
or  cloud;  the  ability  to  manage  VMs  from  Microsoft,  VMware  and 
soon  Citrix. 

That’s  probably  the  most  glaring  difference  between  the  two 
companies:  VMware  is  a  virtualization  company,  and  Microsoft  is 
a  platform  company.  As  a  platform  company,  one  of  our  goals  is  for 
you  to  easily  and  cost-effectively  evolve  to  new  computing  models 
as  innovation  moves  the  industry  forward.  By  putting  virtualiza¬ 
tion  into  our  platform  we  have  made  it  easier  for  you  to  adopt  cloud 
computing  without  major  disruption  or  change  in  infrastructure. 

That  means  Microsoft  will  let  you  run  all  your  applications 
—  new,  ported  and  virtualized  —  across  traditional  data  cen¬ 
ters,  and  private  and  public  clouds.  This  capability  is  part  of  our 
strategy  that’s  focused  on  delivering  one  application  model,  one 
identity  model  and  one  management  model  across  all  computing 
environments.  ■ 

Founded  in  1975,  Microsoft  is  the  worldwide  leader  in  solutions 
that  help  people  and  businesses  realize  their  full  potential. 


Hyper-V  will  turn  a 
product  into  a  feature 

©  With  the  commoditization  of 
server  virtualization,  Hyper-V  will 
eventually  change  the  VMware  ESX 
tool  into  a  check  box  feature  needed 
in  the  OS  and  then  [VMware  won't 
be  able]  to  charge  for  it.  ANON 

XenServer 

©  VMware  is  too  expensive  for  us.  Their 
.  three-server  package  was  a  great  idea 
until  we  needed  to  go  to  5  servers.  So 
'  -  .  '  while  we  ran  VMware  for  many  moons, 
and  loved  the  jump  to  ESXi  4,  we  moved 
■  on.  Since  we  don’t  overcommit,  and  we 


Y.  x  don't  buy  any  more  MS  than  we  have 
IS ,  v:..':  to,' XenServer  fits  the  bill  perfectly  for 
j*\:  v  us.  Been  running  8  boxes  for  over  a 
'.  year  now  with  no  issues,  easy  to  admin, 
.  and  easily  survived  both  a  XenServer 


host  failure  (motherboard)  and  a  NAS 
hardware  failure.  We  paid  the  $lk/ 
server  to  license  HA  recently,  and  now 
life  is  even  better.  Price-wise,  VMware 
couldn't  touch  our  setup  if  they  wanted 
to.  Eight  servers  with  2x  CPUs,  and 
a  common  admin  console.  ANON 

Which  vendor  is  the 
most  open  ? 

©  A  hypervisor  agnostic  future  is  the 
perfect  breeding  ground  for  the  cloud. 
Now  which  vendor  do  you  think  will  let 
you  (or  even  encourage  you)  to  think 
in  a  vendor  agnostic  way  ?  Stop,  I  can't 
breathe,  I'm  rolling  on  the  floor  laugh¬ 
ing  my  butt  off.  BERT  DEBRUIIN 

VMWare  is  the  tech  leader 

©  But  they  are  also  the  cost  leader. 
Especially  once  you  try  to  get  past  just 


vSphere..  Throw  in  things  like  SRM  and 
View  and  watch  your  costs  go  through 
the  stratosphere.  I  love,  love,  love  our 
VMWare  infrastructure,  but  the  cost 
is  super  high  and  it  is  forcing  me  to 
pay  much  more  attention  to  Hyper-V 
then  I  otherwise  would.  SNORKEL 

Spending  dollars 
to  save  dimes 

©  If  you  don't  care  about  how  much 
manpower  you  spend  administrating 
your  virtual  environment,  Hyper-V  is  the 
solution  for  you.  We  literally  would  have 
spent  $200,000  in  yearly  administra¬ 
tion  to  save  us  $100,000  in  licensing. 
Hyper-V  isn’t  free  —  what  you  save  in 
licensing  will  be  lost  in  productivity. 
Hyper-V  isn't  mature  -  the  Microsoft 
solution  for  network  teaming,  or  trunking 
is  to  ''Not  do  it".  Redundancy  is  critical 
for  production  environments.  JAMM 
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In  today’s  business  environment  there’s  no  room 
for  compromise.  With  VMware,  IT  departments  can 
untangle  complexity  and  enable  a  more  agile 
enterprise  without  sacrificing  service  levels  for 
efficiency.  Through  our  industry-leading  virtualization 
solutions,  we’re  revolutionizing  the  way  IT  serves 
the  business— and  providing  a  clear,  pragmatic 
path  to  cloud  computing. 

Go  to  The  Source,  vmware.bom/movebeyond 
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CLEAR  CHOICE  TEST:  VMWARE  VSPHERE  4.1 

VSphere  rounds  into  form 

‘Cloud  operating  system’  gains  scalability,  improved  migration  tools 


CLEAR 
E 


BYTOM  HENDERSON  AND  BRENDAN  ALLEN 

Mware’s  vSphere  4.0  cloud 
operating  system,  which  we 
tested  last  June,  ushered  in 
new  methods  to  manage  vir¬ 
tual  machines  on  internal 
and  external  hosts.  The  4.1  version,  which 
shipped  last  month,  delivers  some  much 
needed  polish. 

Additions  to  the  product  include  an 
updated  vCenter  Configuration  Manager 
as  well  as  vCenter  Application  Discovery 
Manager. 

Prices  now  range  from  the  free  basic 
hypervisor  to  Enterprise  Plus  at  $3,495  per 
processor. 

Of  the  features  tested,  we  found  vMotion 
to  have  the  most  immediate  effect  for  admin¬ 
istrators,  although  those  trying  to  cram  as 
many  VMs  as  possible  onto  a  physical  server 
will  find  newly  reduced  memory  overhead 
and  memory  compression  options  to  be 
highly  desirable. 

VMware  4.1  contains  a  sorely  needed  fea¬ 
ture,  the  ability  to  use  vMotion  to  move  more 
than  one  VM  at  a  time  from  server  host  to 
server  host.  VSphere  4.1  allows  several  VMs 
to  move  concurrently,  but  with  a  small  catch. 

Source  and  target  machines  still  need  to 
be  similar  to  each  other  in  terms  of  proces¬ 
sor  type,  and  there  needs  to  be  a  connection 
between  the  machines  with  reasonable  speed 
—  the  two  Gigabit  Ethernet  jacks  found  on 
most  servers  will  do  the  job  for  at  least  four 
concurrent  VM  moves,  we  found  in  testing. 

With  a  10GB  switch,  enterprise  customers 
can  expect  to  be  able  to  move  eight  machines 
at  once  across  a  VMware  cluster. 

These  improvements  address  the  issue  of 
how  to  quickly  get  production  VMs  off  a  fail¬ 
ing  hardware  platform.  When  hardware  sends 
alarms  that  problems  are  occurring,  maintain¬ 
ing  production  requires  rapidly  moving  the 
dense  number  of  operating  systems  instances 
to  another  platform  rapidly,  and  eight  VMs  at 
a  time  seems  to  be  a  good  number. 

In  the  not  too  distant  future,  however,  the 
number  of  CPU  sockets  and  the  multiple 
CPU  cores  filling  servers  will  lead  to  organi¬ 
zations  cramming  even  more  instances  into 
them,  thus  elevating  the  need  for  still  more 
instances  to  be  moved  quickly. 

And  as  servers  become  crammed  with 
more  instances,  the  need  for  load  balancing 
CPUs  and  resources  becomes  more  critical. 
The  ability  to  move  groups  of  VM  assets  from 
one  server  to  another  goes  a  long  way  towards 
maintaining  peak  performance  from  the 


multi-core  servers  now  popular  in  network 
operations  centers  and  data  centers. 

Upgrade  drama 

VSphere  4.1’s  core  management  applica¬ 
tion,  vCenter,  now  runs  only  on  64-bit  hosts. 
Upgrades  to  existing  32-bit  platforms  aren’t 
allowed,  so  some  administrators  will  have  to 
upgrade  to  64-bit  versions  of  their  vCenter 
host. 

Or  you  can  just  re-install,  which  is  a  more 
painful  exercise.  There  are  upgrade  scripts 
to  copy  the  database,  but  instructions  aren’t 
clear  and  we  couldn’t  get  it  to  work  with  our 
MS  SQL  Server  2005.  We  gave  up  and  created 
a  new  vCenter  data  center  and  imported  the 
ESX  machines. 
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Product 

vSphere  4.1 

Vendor 

VMware 

Pricing 

$83  to  $3,495  per  CPU 

Pros 

Vastly  scalable;  improved 
sprawl  control. 

Cons 

vCenter  is  64-bit  only 
making  upgrades  potentially 
tough;  still  limited  to 
eight  vCPUs  per  VM. 

Total  4.1 

score 

Go  online  to  see  the  complete 
scorecard  at  tinyurl.com/25mxm8f 

The  VMware  ESX  core  hypervisor,  has  also 
been  upgraded,  and  provided  no  upgrade 
drama  at  all;  vCenter  Update  Manager 
upgraded  our  hypervisors  to  4.1  level. 

VMware  claims  that  memory  use  for  VM 
instances  is  more  efficient  in  4.1  compared 
to  4.0.  We  found  that  4.1  decreases  memory 
overhead,  but  only  for  64-bit  instances.  We 
couldn’t  find  any  real  change  for  32-bit  VM 
memory  use. 

Memory  can  also  be  compressed  so  that 
VMs  don’t  go  to  disk  for  virtual  memory  as 
often,  which  saves  access  speed.  We  found 
that  the  amount  of  actual  time  savings  from 
compression  could  be  high,  and  is  likely  to 
be  useful  in  constructions  where  VMs  are 
crammed  and  somewhat  over-subscribed. 

Unlike  most  other  hypervisors,  VMware 
4.1’s  ESX  uses  processor  sleep  instructions 


to  save  power  when  idle.  Most  hypervisor 
kernels  thwart  processor  sleep  in  a  quest 
to  be  responsive  to  the  random  requests  of 
hosted  VMs,  and  keep  CPUs  at  full  speed  all 
the  time. 

Virtual  CPU  changes  can  now  be  seen  by 
guests  as  the  number  of  sockets  and  number 
of  cores,  where  previously  guests  could  only 
see  sockets  (and  one  socket  equals  one  core). 
Now  it’s  possible  to  do  such  things  as  have 
the  VM  detect  two  sockets  with  two  cores  for 
a  total  of  four  CPUs  —  with  advance  settings. 
Unfortunately,  there’s  still  a  limit  of  eight 
vCPUs  per  VM,  as  well. 

VMware’s  vCenter  also  tracks  more  storage 
statistics.  We  found  more  console  informa¬ 
tion  and  tracking  on  throughput  and  latency 
for  both  hosts  and  VMs.  And  to  our  happi¬ 
ness,  vCenter  now  tracks  NFS  stats  as  well. 

VMware’s  vNetwork  Distributed  Switch 
adds  network  control,  by  protocol  throttling 
in  the  switch.  Similarly,  storage  I/O  can  be 
throttled  as  well,  per  VM. 

The  control  over  both  networking  and 
storage  resources  allows  administrative  con¬ 
trol  over  each  VM.  With  vCenter,  behavior 
becomes  more  molecularly  confined,  and 
therefore  predictable  so  that  machines  can 
be  further  optimized  with  VMs. 

VMware  says  that  vCenter  can  manage  as 
many  as  1,000  hosts,  and  10,000  powered  on 
VMs.  VMware  also  increased  the  number  of 
VMs  per  cluster,  from  1,280  to  3,000. 

There’s  another  claim  that  vMotion  migra¬ 
tion  is  five  times  faster.  We  were  unable  to 
corroborate  this,  but  we  did  find  that  vMo¬ 
tion  no  longer  queues  jobs,  it  runs  concurrent 
VM  transfers  from  one  host  to  another.  We’re 
inclined,  therefore,  to  believe  the  claims. 

VMware  4.1  has  new  support  for  8Gbps 
Fibre  Channel.  There’s  also  a  vStorage  API 
that  supports  more  rapid  array  file  move¬ 
ment  through  efficient  space  allocation.  In 
turn,  VMs  are  more  rapidly  created  and  pro¬ 
visioned  through  their  life  cycle. 

Overall 

VMware  stressed  in  their  pre-release  briefing 
that  many  of  the  upgrades  in  were  incremen¬ 
tal,  and  related  to  extensibility  and  scalabil¬ 
ity.  On  most  fronts,  we  found  this  to  be  true.  If 
you  had  reasons  to  buy  VMware  4.0,  there  are 
more  reasons  to  buy  VMware  4.1  for  added 
scale  and  features.  ■ 

Henderson  is  principal  researcher  and 
Allen  is  a  researcher  for  ExtremeLabs 
in  Indianapolis.  They  can  be  reached  at 
thenderson@extremelabs.com. 
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CLEAR  CHOICE  TEST:  CLOUD  STORAGE  SERVICES 

Cloud  storage  goes  first  class 

In  real-world  test,  five  cloud  storage  vendors  deliver  cost  savings,  fast  access  to  data 


BY  TOM  HENDERSON  AND  BRENDAN  ALLEN 

n  our  continuing  series  of  groundbreak¬ 
ing  tests  of  cloud  computing  services, 
we  take  a  look  at  what  enterprises  can 
expect  if  they  decide  to  entrust  data 
to  a  cloud  storage  provider. 

We  found  that  cloud  storage  lives  up  to 
its  advance  billing  in  two  key  areas:  cloud 
storage  can  be  fast  and  the  pay-as-you-go 
model  can  be  a  real  cost  saver.  We  also  found 
that  security  could  be  an  issue  for  enterprise 
shops,  and  the  formulas  for  trying  to  predict 
overall  costs  can  be  complex. 

The  services  that  we  tested  were  Amazon 
S3,  Rackspace’s  CloudFiles,  Egnyte’s  On 
Demand  File  Server,  Nasuni  Cloud  Storage 
and  Nirvanix’s  Storage  Delivery  Network. 

Amazon,  Rackspace  and  Nirvanix  repre¬ 
sent  the  containerized/object-oriented  model. 
Egnyte  embodies  the  file/folder  metaphor, 
while  Nasuni  offers  a  different  twist  —  it’s 
a  front  end  that  simplifies  cloud  storage  for 
enterprise  customers  and  connects  to  other 
cloud  storage  vendors  on  the  back  end. 

To  test  cloud-based  storage,  we  accessed 
the  cloud  vendor’s  site  through  their  sup¬ 
plied  APIs,  where  applicable.  We  moved  data 
either  from  virtual  machines  in  our  cabinet  at 
n|Frame  in  Indianapolis  at  100Mbps,  or  from 
our  lab  connected  via  Comcast  broadband. 

We  pounded  each  site  with  a  variety  of  file 
sizes  ranging  from  500KB  to  1GB.  We  also 
tested  in  two  periods,  daytime  and  nighttime, 
to  see  if  Internet  congestion  played  a  role  in 
cloud  storage  performance. 

Overall,  performance  was  strong,  although  it 
was  also  somewhat  random  and  unpredictable. 


Generally  speaking  we  did  get  faster  uploads 
and  downloads  at  night,  when  Internet  con¬ 
gestion  is  lower.  And  we  found  that  download 
speeds  were  considerably  slower  than  upload 
speeds  for  all  the  vendors  tested. 

Rackspace  delivered  the  best  overall  per¬ 
formance,  with  an  average  speed  2.57Mbps 
for  uploads  and  roughly  650Kbps  for 
downloads. 

Nirvanix  delivered  an  average  upload 
speed  of  1.3Mbps  and  Egnyte  topped  1Mbps. 
Amazon  had  the  lowest  average  upload  speed 


at  835Kbps,  but  also  the  highest  download 
speed  at  773Kbps,  giving  it  the  best  balance. 

Rackspace  CloudFiles 

Rackspace  uses  a  container  storage  method 
where  applications  talk  via  an  API.  In  turn,  the 
API  supports  Ruby,  PHP,  Python,  Java,  C#/.Net, 
which  run  over  an  HTTPS  REST  transport.  It’s 
all  coded,  but  it’s  not  complex  to  do. 

Rackspace  charges  customers  for  storage 
(15  cents  per  gigabyte  per  month),  bandwidth 
“in”  (8  cents  per  gigabyte  per  month)  and 
“out”  (22  cents  per  gigabyte  per  month),  and 
requests  (free  for  files  over  250KB,  1  cent  for 
files  under  250KB.) 

Rackspace  CloudFiles  has  support 
included  in  its  cost,  and  we  found  the  support 
to  be  responsive.  We  did,  however,  have  an 
ongoing  issue  with  Rackspace  where  upload 
speed  vastly  exceeded  download. 

Like  the  other  products  in  this  comparison, 
we  slammed  Rackspace  hard,  via  Rackspace’s 
Ruby  API  calls.  We  uploaded  and  down¬ 
loaded  20  small,  20  midsize,  10  large  and 
three  extra-large  files. 

We  discovered  that  there  are  some  limita¬ 
tions  to  Rackspace  CloudFiles.  You  can  build 
large  file  objects,  but  they  can’t  be  larger  than 
5GB.  There  are  no  subdirectories,  per  se,  but 
it’s  easy  to  build  subdirectory  translation  into 
filenames,  and  the  third-party  client  software 
we  used  can  simulate  folders  pretty  simply. 

There  is  no  file  locking,  so  opening  a  stored 
object  for  writing  needs  to  either  be  highly 
arbitrated,  or  exclusive  to  a  single  session  — 
otherwise  multiple  object  writers  can  destroy 
the  object’s  data  integrity. 

CloudFiles,  when  lacking  a  third-party 
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Product 

name 

Amazon  S3 

Rackspace 

CloudFiles 

Nirvanix  SDN 

Egnyte 

Nasuni  Filer 

Cost 

Includes  storage, 
data  transfers  in/out, 
requests,  uptime  SLA. 

Storage,  bandwidth, 
requests. 

Number  of 
nodes,  storage, 
bandwidth,  SLAs. 

Power  users,  standard 
users,  backup  licenses, 
overall  stored  data. 

$300/month  to  $200/mo 
(based  on  prepay)  +  storage 
costs  for  back  end  providers. 

Pros 

Consistent,  wide  variety 
of  access;  potentially 
superior  security. 

Unbeatable  upload 
speed;  good 
accessibility. 

Highly  accessible  by 
API;  mounts  can 
be  shared  through 
NAS-like  means, 
decent  speed. 

Stronger  admin/user 
access  control;  uses 
WebDAV  controls. 

No  mind-numbing  extra 
charges;  simple  CIFS 
mount;  does  automatic 
file  system  snapshots  with 
encryption  and  compression. 

Cons 

Difficult  to  predict 
costs;  requires 
third  parties  for  file 
system/directory 
services  peering. 

Needs  external 
storage  encryption; 
5GB  file  size 
limit;  weaker 
security  model. 

SLA  more  expensive; 
documents  weak, 
especially  on 
transcoding. 

No  native  file  object 
encryption,  no 
addressable  API. 

No  NFS  or  other  filesystems 
support;  requires  lots  of 
storage  to  be  cost-effective. 

Total 

3.75 

3.75 

3.5 

3.25 

3.67 

score 
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Cloud  storage  costs 


Cloud  storage  vendors  charge  customers  on  a  variety  of  metrics: 

how  much  storage  space  is  used,  how  much  data  is  uploaded,  how 

much  data  is  downloaded  (download  and  upload  rates  are  usually 

different),  and  how  many  requests  are  made  to  the  data  store. 

So,  trying  to  predict  your  cloud  storage  costs  (GB) 

can  be  difficult.  Here’s  what  it  would  cost  Storage  50 

monthly  based  on  50GB  of  storage,  plus  _  . ...  .  „ 

3  Bandwidth  in  50 


50GB  of  storage  uploaded  and  100  GB  of 
storage  downloaded. 


Bandwidth  out  100 


0  50  100  150  200  250  300  350 


Amazon  S31 

Standard 
Reduced  redundancy 

Nirvanix 

1:  SDN  (99.9%) 
2:  SDN  (99.99%) 
3:  SDN  (99.999%) 

Rackspace  Cloudfiles1 

Normal  (99.9%) 

Egnyte2 

150GB  storage 
1TB  storage 

Nasuni2 

w/  Amazon  S3 
w/  Rackspace 
w/  Nirvanix  using  2  SDN 


emulator,  is  a  file  object  repository  rather 
than  a  file  system  familiar  to  end  users. 

Objects  aren’t  inherently  encrypted.  The 
transport,  SSL,  is  encrypted,  but  if  you  want 
to  mask  the  object’s  contents  through  encryp¬ 
tion,  you  need  to  manage  this  yourself  with 
CloudFiles.  This  isn’t  a  showstopper,  rather 
an  alarm  for  those  that  must  adhere  to 
encrypted  data  rules. 

Rackspace  uses  a  Web  control  panel  at 
www.rackspacecloud.com  to  permit  users  to 
obtain  a  key  for  access  to  storage  areas.  The 
only  authentication  possible  is  the  use  of  that 
API  access  key,  plus  a  user  name.  There  are  no 
other  permissions,  access  controls  or  ACLs  for 
full  read/write  permission  to  stored  objects. 

For  this  reason,  native  access  to  Rackspace’s 
CloudFiles  storage  objects  are  likely  to  revolve 
around  Web  apps,  backups,  temporary  stor¬ 
age  and  file  distribution. 

It  should  also  be  noted  that  Rackspace,  like 
Amazon  and  other  cloud  hosts  tested,  is  evolv¬ 
ing  an  impressive  list  of  third-party  hosting 
partners  that  augment  features  —  often  for 
specific  vertical  markets. 

Amazon  S3 

Amazon,  while  not  quite  as  fast  as  Rackspace, 
is  accessed  in  a  similar  way.  We  could  use  a 
Web-based  upload  or  download,  or  Amazon’s 
API.  The  API  offered  myriad  language  choices, 
including  Ruby,  .Net/C#,  Java,  and  many  more 
—  as  well  as  third-party  client  access  tools  such 
as  CyberDuck.  Amazon  adds  BitTorrent  access 
for  download  as  well.  And  like  Rackspace,  S3 
has  a  limitation  of  5GB  per  object. 

Amazon’s  pricing  is  similar  to  Rackspace’s, 
with  charges  for  storage  (first  50TB  at  15  cents 
per  gigabyte)  data  transfers  and  requests  (1 
cent  per  1,000  requests.)  An  added  twist  is 
that  Amazon  offers  slightly  less  expensive 
storage  depending  on  where  your  Amazon 
S3  bucket  is  located. 

Unlike  Rackspace,  Amazon’s  S3  imple¬ 
ments  access  control  lists  on  files.  This  comes 


1  PUT/GET/HEAD/DELETE,  etc  are  not  included  in  pricing 


in  the  form  of  read,  write  and  “full  control” 
metadata  on  objects.  As  we  went  to  press, 
Amazon  released  new  controls  over  buckets 
(containers)  that  ostensibly  secure  the  con¬ 
tainer  and  all  of  the  files  inside. 

S3  can  also  do  a  query  string  authentica¬ 
tion,  so  that  requests  to  manipulate  files  can 
be  made  into  a  URL  directly  to  an  S3  object. 


2  Monthly  fees  are  cheaper  if  bought  in  yearly  packs 


Overall  access  is  performed  through  an 
Access  Key  ID  and  a  Secret  Key,  generated 
through  the  Amazon  Web  interface  control 
panel.  Multiple  keys  can  be  generated  at  a 
time  for  subsequent  use  by  a  primary  account 
holder  for  use  by  others. 

Natively,  the  Amazon  S3  storage  system  is 
surprisingly  flexible,  and  can  be  used  for  the 
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Product 

Amazon  S3 

Rackspace  CF 

Nirvanix  SDN 

Egnyte 

Nasuni 

Performance  (25%) 

4 

4.5 

4 

3 

NA 

Security  (25%) 

3.5** 

3 

3 

3.5 

4 

Management/admin  (25%) 

3.5 

3.5 

3.5 

3.5 

4 

Features/compatibility  (25%) 

4 

4 

3.5 

3 

3 

Total 

3.75 

3.75 

3.5 

3.25 

3.67* 

*  PERFORMANCE  NOT  TESTED.  **  NEWLY  ANNOUNCED  SECURITY  FEATURES  WOULD  RAISE  THIS  SCORE. 
SCORING  KEY:  5:  EXCEPTIONAL;  4:  VERY  GOOD;  3:  AVERAGE;  2:  BELOW  AVERAGE;  1:  SUBPAR  OR  NOT  AVAILABLE 
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public/private  cloud  computing  components 
aforementioned,  as  well  as  Web  apps,  back¬ 
ups,  temporary  storage  use,  file  distribution, 
plus  distribution  via  BitTorrent. 

Nirvanix  Storage  Delivery  Network 

Nirvanix’s  SDN  was  both  highly  flexible  and 
comparatively  fast  in  our  testing.  Nirvanix 
allows  access  to  the  SDN  via  two  methods, 
an  API  that  supports  SOAP  or  REST  proto¬ 
cols  over  secure-HTTP,  or  one  can  directly 
mount  partition(s)  using  their  CloudNAS  as 
a  gateway. 

There’s  an  installation  program  on  certain 
supported  Linux  machines  —  physical  or  vir¬ 
tual;  we  used  Ubuntu  9.0.4  Linux,  but  didn’t 
use  the  Windows  CloudNAS  software. 

For  a  one-node  storage  delivery  network, 
Nirvanix  charges  25  cents  per  gigabyte  of 
storage  per  month,  10  cents  per  gigabyte 
for  uploads  and  15  cents  per  gigabyte  for 
downloads,  and  20  cents  per  1,000  calls  for 
requests. 

We  had  to  create  the  VM  by  ourselves 
and  install  all  prerequisites  and  then  install 
CloudNAS  supplied  in  a  zip  file  for  various 
distributions  of  Linux. 

CloudNAS  is  mounted  directly  into  the 
Linux  file  system.  It’s  possible  to  use  the 
CloudNAS  system  to  encrypt  (using  AES 
256-bit)  but  it’s  not  convenient.  We  could  find 
no  documentation  regarding  the  creation  of 
encryption  keys,  only  where  to  store  them. 
We  had  to  create  the  keys  by  ourselves  and 
set  them  in  a  config  file,  then  CloudNAS  used 
them  to  automatically  encrypt  and  decrypt 
while  uploading/downloading  files. 

Cache  can  only  be  enabled  if  you  have  a 
minimum  of 200GB  free  space.  If  cache  is  not 
enabled  (an  option),  then  encryption  can’t  be 
used. 

Nirvanix  had  support  for  the  largest  file 
size,  256GB,  which  can  be  sent  using  HTTP 
upload,  or  the  upload  functions  of  SOAP  or 
Ruby.  Nirvanix  has  an  overall  size  limitation 
of  2TB  stored,  but  more  is  available  under 
contract,  Nirvanix  says. 

Nirvanix  also  has  the  capacity  to  configure 
default  storage  security  via  AES,  separate 
from  the  SSL  connection  from  the  Cloud¬ 
NAS  to  the  SDN.  When  accessing  files  using 
the  Nirvanix  API  or  Web  services,  we  could 
create  child  accounts  for  each  application  and 
those  could  be  used  to  login  and  retrieve  files. 

Nirvanix  calls  its  data  stores  “applications” 
so  that  you  can  use  a  different  store  for  each 
application  and  they  would  be  separated.  We 
had  one  “application”  for  CloudNAS  and  one 
“application”  for  testing  the  API.  They  were 
completely  separate,  although  it’s  possible  to 
just  use  one  for  everything. 

Nirvanix  straddles  the  line  between  API- 
connected  file  containerization,  and  the  NAS 
world,  where  the  actual  drive  is  in  the  cloud. 

Nasuni  Filer 

Nasuni  Filer  is  a  VM  front  end  that  uses 


Night  and  day 

If  you  decide  to  move  data  back  and  forth 
across  the  Internet,  the  reality  is  that  your 
upload  and  download  speeds  will  vary. 

We  tested  the  performance  of  four  cloud 
storage  vendors  and  found  that  upload 
speeds  were  higher  than  download 
speeds.  We  also  found  that  performance 
overall  was  better  at  night,  when  the 
Internet  is  not  as  congested.  (For  this  test, 
we  uploaded  and  downloaded  a  variety  of 
files,  ranging  in  size  from  500KB  to  1GB. 


LEGEND 

Day  average  upload 
Day  average  download 

Night  average  upload 
Night  average  download 


S  file  =  500KB,  M  file  =  2MB,  L  file  =  50MB, 
XL  file  =  1GB 

20  S  files,  20  M  files,  10  L  files,  3  XL  files 
were  used  in  each  upload/download  test 
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various  cloud  storage  vendors  as  a  back  end, 
and  presents  itself  to  subscribers  as  a  CIFS 
share,  amounting  to  a  network  attached  store/ 
fat  hard  drive  in  the  cloud. 

It  can  be  accessed  as  a  shared  file  reposi¬ 
tory  in  any  way  that  administrators  want  to 
permit. 

As  well  as  being  a  CIFS  share,  Nasuni 
includes  an  application  that  can  back  up  file 
systems,  much  like  Apple’s  Time  Machine,  on 
an  hourly  basis,  taking  snapshots  of  data  that 
are  de-duplicated,  then  sent  to  the  cloud  stor¬ 
age  vendor’s  repository. 

In  turn,  data  can  be  restored  by  file,  folder 
or  in  its  entirety  should  disaster  (or  thieves) 
strike.  The  downside  is  that  snapshots  cur¬ 
rently  aren’t  deleted.  We  uploaded  a  snapshot 
containing  an  ISO  image  at  the  beginning  of 
our  tests,  and  then  deleted  the  ISO,  but  the 
snapshot  with  the  ISO  in  it  is  still  alive.  This 
increases  storage  costs. 

Nasuni  can  be  used  on  networks  with  an 
Active  Directory  infrastructure,  or  in  a  stand¬ 
alone  way.  There  is  no  API,  no  WebDav,  no 
Ruby  access,  and  there  doesn’t  need  to  be,  if 
your  goal  is  an  intelligent  Internet  hard  drive. 

Data  sent  from  Nasuni’s  cache  to  cloud  stor¬ 
age  is  encrypted  using  OpenPGP  with  AES- 
256  strength  encryption  keys.  Not  only  is  data 
encrypted,  but  it’s  compressed  as  well. 

Nasuni  asks  for  a  hard  drive  with  a  mini¬ 
mum  132GB  of  free  space.  Caching  increases 
speed,  but  made  performance  testing  impos¬ 
sible,  as  the  locus  of  the  data  isn’t  really  under 
our  control.  It  could  be  on  the  local  storage 


media,  or  it  might  be  in  the  cloud.  You  may  not 
know  or  care,  except  that  Nasuni  is  no  faster 
than  the  cloud  connectivity  that’s  used. 

And  there’s  the  rub,  or  benefit:  Nasuni 
costs  $300  per  month  (or  less  depending  on 
contract  term)  on  top  of  the  cloud  storage 
provider’s  storage  charge.  What  Nasuni  bur¬ 
ies  into  its  cost  are  the  cloud  storage  vendor’s 
transport  costs  and  access  charges.  Nasuni 
eats  those  charges,  passing  only  the  storage 
charge  for  the  data. 

The  principle  advantage  to  Nasuni  storage 
interface  is  its  simplicity  for  network  file  sys¬ 
tem  expansion,  where  the  cloud  storage  ven¬ 
dor’s  resources  become  extensions  of  the  stor¬ 
age  network  infrastructure.  Nasuni  makes 
branch  rollouts  specifically  simple. 

Egnyte 

Egnyte’s  secret  sauce  is  Web-based  Distrib¬ 
uted  Authoring  and  Versioning  or  WebDAV, 
an  HTTP  extension  developed  by  the  IETF 
that  allows  computer  users  to  edit  and  man¬ 
age  files  collaboratively  on  remote  machines. 

Egnyte  is  an  online  warehouse  that  uses 
WebDAV  (as  well  as  FTP/FTPS)  for  access. 
There  are  no  Egnyte  VMs  as  gateways,  only 
accessibility  to  Egnyte  through  WebDAV 
access  as  a  share  —  much  like  how  CIFS 
works. 

Access  can  be  set  per  folder  for  users  and 
groups  with  read  only,  read/write  and  read/ 
write/delete  permissions. 

We  could  also  use  Egnyte’s  Web  page  to 
upload  or  download  files  via  a  Java  applet. 


Security  concerns 

Those  desiring  comfortable  high 
security  may  be  disappointed. 
While  all  of  the  vendors  we 
tested  provided  link  encryption, 
data  encryption  was  glossed  over 
by  the  container  providers.  We 
wanted  to  see  port  scrambling  and 
IP  address  access  control  lists,  but 
these  were  missing  across  the  board. 
Admittance  control  would,  for  some 
thinkers,  break  the  cloud  model  by 
creating  an  extranet  relationship 
between  a  subscriber  and  the  cloud 
storage  area,  but  we’d  feel  happier 
if  there  were  greater  admittance 
control  by  IP  address.  At  press  time, 
Amazon  announced  such  IP  address 
admittance  control,  along  with 
HTTP_Referrer  control  (URL-based 
admittance),  but  we  were  unable  to 
examine  it  at  deadline. 


WebDAV  support  is  hardly  mentioned  in  the 
documentation,  but  there  is  a  supplied  Egnyte 
application  that  mounts  the  WebDAV  share 
“behind  the  scenes,”  which  is  what  most  orga¬ 
nizations  would  use.  Therefore,  most  people 
wouldn’t  even  know  that  it’s  using  WebDAV. 

The  Egnyte  application  runs  on  Windows, 
Mac  or  Linux  —  and  we  tested  it  on  Mac. 

The  WebDAV  file  system  is  mounted  as  a 
peer  drive  on  a  host,  either  a  server  on  your 
network,  or  a  user/workgroup  share.  The 
products  that  perform  this  gateway  service 
vary  from  operating  system  to  operating  sys¬ 
tem  and  most  are  native. 

Windows  7,  however,  seems  to  require 
third-party  software  or  running  Windows 
IIS7  on  client  or  server  desiring  peer  access  to 
WebDAV  resources. 

The  rationale  behind  WebDAV  is  sharing 
files,  and  versioning  metadata  is  included 
with  file  storage,  along  with  file  share/locking 
mechanisms.  File  sizes  are  limited  to  15GB  via 
ftp/ftps,  500MB  via  Java  applet,  10MB  via  sin¬ 
gle  file  uploader,  but  it’s  possible  to  send  truly 
huge  files  (15GB+)  via  a  physical  drive  transfer. 

Egnyte  doesn’t  have  bandwidth  charges, 
rather  there’s  a  tier  of  use  broken  into  standard 
and  power  user  license  packs  with  gradients 
regarding  user  count  and  storage  size.  ■ 

Henderson  is  principal  researcher  and 
Allen  is  a  researcher  for  ExtremeLabs 
in  Indianapolis.  They  can  be  reached  at 
thenderson@extremelabs.com. 


How  we  did  it 

We  downloaded  each  vendor's  software  into  our  lab,  and  network  operations 
center.  We  used  scripts  running  on  a  virtual  Ubuntu  9.10  Server  running  on 
ESX  4.0  at  our  NOC  at  n|Frame  in  Carmel,  Ind.,  to  test  upload  and  download 
speeds.  We  performed  two  sets  of  tests  with  multiple  files  uploaded  and  downloaded, 
first  during  the  day,  then  at  night.  The  second  set  was  run  from  our  XServe  running 
Mac  OS  X  Server  10.5.8  using  the  same  criteria  (day  and  night  uploads/downloads). 

Each  upload  and  download  test  consisted  of  the  following  randomly  generated  files: 
20  x  500KB,  20  x  2MB,  10  x  50MB,  3  x  1GB.  Approximately  14,487  MB  of  files  were 
uploaded  and  14,487  MB  of  files  were  downloaded  from  each  vendor’s  site. 

All  the  upload/download  scripts  used  were  written  in  the  Ruby  programming  language 
and  bash  shell  scripts  used  to  launch  them.  Egnyte  does  not  have  an  API  for  its  file 
operations,  however,  it  does  allow  Webdav  requests.  We  used  curl,  a  Linux  http  request 
command  line  tool,  to  send  Webdav  requests  to  access  Egnyte  files  in  our  Ubuntu  VM. 

Because  Nasuni  did  not  have  an  API  to  use,  we  couldn’t  include  upload  and  down¬ 
load  data  for  them.  Also,  Nasuni’s  product  uses  multiple  clouds  so  it  works  a  little 
differently  since  there  is  a  local  machine  running  with  a  cache.  Nirvanix  has  a  similar 
product,  CloudNAS,  but  they  also  have  an  API  to  test,  and  that’s  what  we  used.  Both 
Nirvanix  and  Nasuni's  NAS-type  products  were  tested  via  VMware  ESX  4.0  as  virtual 
machines.  For  other  features  such  as  creating  sub-accounts,  changing  URLs,  and  data 
gathering,  we  used  each  vendors  Web  interfaces  where  available. 
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Scrutinizing  Google/Verizon’s  proposal 


IN  SPITE  of  the  fact  that  the  net  neutrality 
proposal  that  Google  and  Verizon  published 
on  Aug.  9  was  not  much  like  what  the  rumor 
mill  predicted,  the  proposal  sure  has  kicked  off  a  lot  of  controversy. 

The  start  of  the  proposal  reads  just  like  many  a  pro  net  neutrality 
screed.  It  basically  supports  the  FCC’s  2005  net  neutrality  policy  state¬ 
ment.  In  fact,  most  of  the  proposal  can  be  seen  as  quite  pro  net  neutral¬ 
ity,  at  least  within  specific  environments. 

There  are  few  litigation-attracting  wording  suggestions  in  the  pro¬ 
posal.  For  example,  one  would  block  discrimination  only  if  it  “causes 
meaningful  harm  to  competition  or  to  users.”  Clearly  the  view  of  what 
would  constitute  “meaningful  harm”  would  not  be  consistent  across 
all  viewers  of  a  situation. 

The  three  biggest  areas  of  controversy  are  the  proposals  to  exempt 
‘wireless  broadband”  and  “additional  online  services”  from  the  net  neu¬ 
trality  regulations  and  the  limits  on  the  FCC’s  rulemaking  authority. 

The  proposal  exempts  wireless  broadband  because  it  is  “competitive 
and  still-developing”  but  does  not  give  a  reason  to  exempt  additional 
online  services,  nor  does  it  provide  a  reason  to  make  it  so  the  FCC  could 
not  make  the  rules  it  would  be  charged  with  enforcing. 

It  appears  from  the  discussion  on  the  Google  corporate  blog  posting 
that  tries  to  refute  some  of  the  blogosphere’s  assertions  of  evil  in  the 
proposal  that  Google  and  Verizon  mean  cellular  wireless,  not  Wi-Fi 
when  they  refer  to  “wireless  broadband.”  If  this  is  the  case,  then  Google 
and  Verizon  are  in  error  when  they  say  that  wireless  is  “competitive”,  at 
least,  to  use  their  word,  competitive  in  a  meaningful  way.  To  be  mean¬ 
ingfully  competitive,  users  have  to  be  able  to  switch  providers  if  they 


feel  they  will  get  a  better  deal  with  another. 

The  idea  that  ISPs  can  offer  “additional  online  services”  is  not  all  that 
new.  I  have  Comcast  Internet  service  at  home.  Comcast  provides  an 
additional  service,  cable  TV,  over  the  same  physical  infrastructure.  At 
this  point  the  two  services  are  easily  distinguishable,  one  runs  over  the 
Internet  Protocol  and  the  other  does  not.  Things  will  get  much  harder  to 
distinguish  when  Comcast  moves  to  provide  its  video  or  telephone  ser¬ 
vice  over  IP.  The  proposal  says  that  the  exempt  additional  services  must 
be  “distinguishable  in  purpose  and  scope”  from  Internet  access  but  that 
is  a  very  slippery  slope  to  stand  on  for  long.  I  can  get  video  service  over 
the  Internet  today.  It’s  not  clear  how  a  Comcast  video  service  would  be 
‘distinguishable  in  purpose  and  scope”  from  what  I  can  get  today.  This 
proposal  looks  to  me  like  Google  and  Verizon  want  to  authorize  a  non- 
Internet  in  parallel  to  the  Internet,  a  non-Internet  in  name  and  regula¬ 
tion  only,  and  that  is  not  good  for  anyone  other  than  the  carriers. 

A  lot  of  the  blogosphere,  as  well  as  the  traditional  press,  reacted  to 
this  proposal  as  if  Google  and  Verizon  have  full  authority  to  define  final 
rules.  It  does  help  to  focus  the  discussion,  and  that  is  a  good  thing,  but 
it  is  only  a  proposal.  It  is  now  up  to  Congress,  the  FCC  and  the  public  to 
have  the  discussion  that  may  (not  will)  result  in  actual  regulations. 

Disclaimer:  Harvard  understands  the  fullness  of  time  better  than 
most  organizations,  being,  for  example,  almost  300  years  older  than 
the  FCC.  But  I  know  no  one  at  the  university  predicting  the  outcome  of 
this  process,  thus,  the  above  review  is  my  own.  ■ 

Bradner  is  Harvard  University's  technology  security  officer.  He  can  be 
reached  at  sob@sobco.com. 
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Sensaphone  Remote  Monitoring  Products  use 
redundant  communication  paths,  built-in  battery 
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APC  integrated  cooling  future-proofs  your 
IT  room  without  breaking  the  bank. 


Is  your  server  room  a  barrier  to  adopting  new  technologies? 


Consolidation,  virtualization,  network  convergence,  blade  servers— these  new  tech¬ 
nologies  improve  efficiency,  cut  costs,  and  allow  you  to  “do  more  with  less.”  But 
they  also  bring  high-density  power,  cooling,  and  management  challenges  that  server 


your  server  room 
without  overhauling  it. 


rooms  were  never  designed  to  handle.  You’re  relying  on  guesswork,  depending  on 
building  air  conditioning,  or  improvising  remedies.  So,  how  can  you  increase  the  level 
of  reliability  and  control  in  your  server  room  without  spending  a  fortune? 

Introducing  the  APC  by  Schneider  Electric™  total  server  room  solution 

Now  you  can  get  power,  cooling,  monitoring,  and  management  components 
that  easily  deploy  together  as  a  complete,  integrated  solution.  Everything  has 
been  pre-engineered  to  work  together  and  integrate  seamlessly  with  your  existing 
equipment.  Just  slide  this  proven,  plug-and-play  solution  into  most  existing  spac¬ 
es— there’s  no  need  for  confusing  cooling  configurations  or  expensive  mechanical 
re-engineering.  The  modular,  “pay  as  you  grow”  design  lets  you  be  100  percent 
confident  that  your  server  room  will  keep  pace  with  ever-changing  demands. 

Future-proof  your  server  room  easily,  cost-effectively 

APC  takes  the  hassle  out  of  configuring  server  rooms.  Self-contained  InRow™ 
cooling  units,  high-density  NetShelter™  enclosures,  and  the  APC  rack  air  contain¬ 
ment  system  combine  to  create  a  proper  IT  ecosystem  in  almost  any  surrounding. 
Rack-level  monitoring  sensors,  intelligent  controls  built  into  the  cooling  unit,  and 
integrated  management  software  provide  complete  remote  control  and  unprece¬ 
dented  visibility  into  the  entire  system.  Simply  add  power  protection  (like  undisputed 
best-in-class  Smart-UPS™  or  Symmetra™  units)  and  you  have  a  total  solution  for 
today,  tomorrow,  and  beyond. 


The  integrated, 
cooled,  managed 
server  room 

Q  Cooling  Effective  and 
energy-efficient  InRow 
cooling  units  handle 
high-density  heat  at  its 
source.  Unique  variable- 
speed  fans  automatically 
adjust  to  meet  changing 
heat  loads. 

©  Power  Energy-efficient,  ultra-reliable  Smart-UPS  and 
Symmetra  UPSs  offer  scalable  runtime.  Rack-mount 
power  distribution  units  (PDU)  ensure  that  a  wide  variety 
of  devices  get  plugged  in  and  powered. 

©  Environmental  Monitoring  &  Management 

PoE-enabled  temperature  sensors  let  you  keep  an  eye 
on  conditions  at  the  rack  level.  Metered  PDUs  report 
on  aggregate  power  draw  and  tell  you  which  racks 
have  available  capacity.  Centralized  software  gives  you 
real-time,  data-driven  insight  into  the  entire  system  from 
anywhere  on  the  network. 

©  Enclosures  Vendor-neutral  NetShelter  SX  rack 
design  handles  high-density  airflow  and  power  needs. 


Learn  how  to  reduce  cooling  expenses 
with  our  FREE  Cooling  Efficiency  kit. 
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©2010  Schneider  Electric  Industries  SAS.  All  Rights  Reserved.  Schneider  Electric,  APC,  InRow,  NetShelter,  Symmetra.  and  Smart-UPS  are  owned  by  Schneider  Electric,  or  its  affiliated  companies  in  the 
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We’re  looking  for  the  next  generation  of  standout  IT  leaders.  The 
CIO  Ones  to  Watch  Award  honors  the  rising  stars  in  IT— the  senior  staff 
destined  to  become  the  CIOs  of  the  future— as  identified  and  sponsored 
by  the  CIOs  of  today’s  leading  organizations. 

CIO  magazine  and  the  CIO  Executive  Council’s  sixth  annual  Ones  to 
Watch  award  identifies  the  rising  stars  in  IT.  To  be  honored,  these 
future  CIOs  must  have  demonstrated  leadership,  driven  innovation 
and  delivered  value  to  their  business;  in  short,  they  will  soon  be  able 
to  head  up  their  own  IT  organization.  The  awards  are  judged  by  a 
panel  of  veteran  CIOs  experienced  in  leadership  development  and 
understand  the  characteristics  that  prepare  today’s  IT  managers  to 
be  tomorrow’s  successful  CIOs. 

Apply  today  at:  cio.com/otw 

Winners  will  be  honored  during  the 
CIO  Leadership  Event  May  1-3,  2011, 
at  the  Marriott  Sawgrass,  Ponte  Vedra 
Beach  FL,  featured  in  the  May  issue  of 
CIO  magazine  and  online  at  cio.com 

Nominations  accepted  through 
October  29.  For  more  information 
about  this  and  other  prestigious 
programs  visit:  cio.com/cio-awards 
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Rest  in  bits 

IN  FEBRUARY  last  year,  Dan,  a  friend  who 
I  had  never  met,  died.  We  knew  each  other 
only  through  a  private  e-mail  list  that  we 
had  both  belonged  to  for  more  than  a  decade  and  his  death  was  very 
sad.  He  was  a  really  smart,  witty  man  and  his  passing  was,  to  say  the 
least,  untimely. 

Then  a  few  days  ago,  Anne  Marie  Merritt,  another  denizen  of  the  list 
posted  the  following:  “Linkedln  just  listed  our  dearly  departed  friend 
[Dan]  as  someone  I  may  know,  asking  if  I  want  to  connect  with  him.  / 
Though  the  answer  is  a  resounding  YES,  I  am  pretty  sure  that  Linke¬ 
dln  is  not  going  to  be  able  to  handle  this,  as  [Dan]  is  likely  not  interested 
in  linking  with  me  again  until  the  day  I  jack  into  the  same  interconnect 
he’s  on.  And  I’m  not  going  to  an  internet  medium.” 

It  turns  out  that  our  late  friend’s  Linkedln  account  still  exists  and 
after  more  than  a  year  the  machinery  in  the  bowels  of  the  service, 
finally  managed  to  draw  a  dotted  line  between  Anne  Marie  and  Dan. 

This  kind  of  thing  is  very  weird  and  creepy  and  something  that’s 
happening  with  increasing  frequency  because  Internet  users,  and 
the  communications  and  social  networking  services  they  use,  haven’t 
developed  protocols  to  handle  the  virtual  death  of  someone. 

That’s  not  to  say  that  it  never  gets  handled  smoothly.  When  my  god¬ 
daughter  passed  away  last  year  I  was  able  to  manage  her  Facebook 
account  simply  because  I  knew  her  password.  I  was  able  to  post  a  notice 
on  her  “wall”  so  her  friends  knew  what  had  happened  along  with  an 
e-mail  address  so  they  could  get  in  contact  with  her  family.  Then,  as  her 
family  wished,  shortly  after  the  funeral  I  deleted  the  account. 

The  problem  for  most  people  is  that  when  a  friend  or  loved  one 


dies,  that  level  of  administrative  access  to  their  account  is  usually  not 
available. 

It’s  interesting  to  see  how  the  various  social  networking  services  han¬ 
dle,  or  don’t  handle,  the  issue  of  what  to  do  with  the  accounts  of  users 
who  have  passed  away.  Twitter  recently  published  its  procedure,  Face- 
book’s  process  has  been  around  since  late  last  year,  and  Linkedln  has 
had  a  policy  in  place  for  some  time. 

A  big  concern  with  any  protocol  for  dealing  with  deceased  member 
accounts  is  that  if  there  are  procedural  weaknesses  there’s  a  risk  of  the 
service  being  “gamed”  by  bad  guys  and,  consequently,  the  untimely 
virtual  death  of  members. 

Another  problem  is  that  in  most  cases  we  have  no  idea  what  the 
deceased  would  have  actually  wanted. 

So,  should  the  departed’s  content  be  frozen  and  left  online?  In  the 
case  of  Facebook,  should  postings  to  the  deceased’s  “wall”  be  disabled? 
And  what  happens  if  what  friends  want  conflicts  with  the  wishes  of  the 
departed’s  family?  Or,  even  trickier,  what  to  do  when  different  family 
members  want  different  things  done  with  the  departed’s  content? 

There  are  also  the  e-mail  accounts  and  the  content  of  the  deceased’s 
computer  (or  computers).  Another  friend  on  the  list,  Art  Medlar,  wrote: 
“When  I  go  I  don’t  want  my  online  life  deleted  too.  I  want  the  bit  rotting 
HTML  to  age  like  a  winged  skull  on  a  New  England  headstone.” 

So,  tell  me,  when  you  shuffle  off  this  mortal  coil,  what  should  be 
done  with  the  remains  of  your  digital  life?  Do  you  want  a  virtual  online 
tombstone  or  should  it  all  be  sent  to  the  bit  bucket  in  the  sky?  ■ 

Gibbs  ponders  his  finitude  in  Ventura,  Calif.  Your  terminal  thoughts 
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‘Hope  all  is  well’  can  be  annoying  as ... 


(I  AM  on  vacation.  Here’s  a  Buzzblog  item 
posted  just  before  I  left  that  prompted  a  bit 
of  back  and  forth  with  readers.) 

An  e-mail  arrives  this  morning  from  someone  I  do  not  know  and  with 
whom  I  have  had  no  prior  business  interaction.  It  begins  this  way: 

“Hi  Paul, 

“Hope  all  is  well.” 

Hope  all  is  well?  Honestly? 

Maybe  in  the  abstract,  this  person  hopes  I  am  well,  but  not  really.  Not 
in  the  way  that  I  hope  my  sister  in  Minnesota,  with  whom  I  have  been 
out  of  touch  lately,  is  well. 

The  e-mail  sender  in  this  case  happens  to  be  a  public  relations  pro¬ 
fessional  whose  interest  in  my  well-being  is  grounded  not  in  genuine 
concern  but  rather  the  possibility  that  I  might  write  something  nice 
about  her  client.  She  hopes  I  am  well  enough  to  write  that  item. 

What  bugs  me  about  this  ploy  is  not  just  the  transparent  insincerity 
but  the  underlying  assumption  that  it  might  be  effective;  that  having 
established  this  “personal  connection”  increases  the  likelihood  that  I 
will  come  across  with  the  goods:  positive  publicity. 

This  beef  is  a  trivial  matter,  I  realize;  virtually  all  e-mail  etiquette 
issues  are  minor  by  definition.  But  every  time  I  read  that  smarmy 
greeting  my  blood  pressure  ticks  up  just  a  notch,  meaning  that  lam  — 
ever  so  briefly  —  less  well. 

Venting  is  good  for  one’s  health ...  and  there  was  plenty  of  that  in  the 
blog  comments.  Let’s  start  with  “Mac”: 

“What  is  wrong  with  someone  wishing  you  well?  How  can  you  judge 
the  person’s  intention  from  such  a  benign  brief  written  statement  that 


doesn’t  have  the  voice  connotations?  More  importantly,  tell  us  what 
should  one  say  in  opening  an  email  to  someone  they  don’t  know  well? 
How  do  you  break  the  ice?” 

I  took  the  question  to  be  rhetorical  since  Mac  also  suggested  that 
I  must  have  better  things  to  write  about.  Reader  “GooRu,”  however, 
stepped  up  to  answer: 

“You  are  missing  the  point.  ‘Hope  you  are  well’  is  an  unnecessary  and 
insincere  attempt  at  camaraderie.  The  ice  is  broken  at  ‘Hi  Paul.’” 

Another  comment  is  headlined,  “You’re  a  curmudgeon”:  “In  a 
world  where  people  need  to  have  politeness  and  manners,  you’re 
eschewing  them.  Be  direct.  Get  to  the  point.  Time  urgency  is  a  sick¬ 
ness.  It’s  part  of  the  Type  A  Stress  Syndrome.  Read  Friedman  and 
Ulmer’s  fix  for  this. 

“And  stop  bashing  people  for  trying  to  be  nice.  It’s  better  than  the 
grumpiness  you’re  showing.  The  ritual  of  manners  is  something  sorely 
lacking  in  this  polarized  society.  The  lack  of  manners  points  to  a  dis¬ 
eased  mindset,  one  that  must  constantly  punch  to  the  point.  Bah.  Have 
a  nice  day ...  otherwise.” 

I  took  this  one  myself  with  a  reply  titled,  “Welcome,  you  must  be 
new  here:” 

Of  course  I’m  a  curmudgeon  but  I’m  not  the  one  being  impolite.  It  is 
in  no  way  mannerly  to  feign  personal  concern  as  a  prelude  to  soliciting 
business  from  a  total  stranger  (nor  would  Emily  Post  approve  of  using 
“diseased  mindset”  as  an  ice-breaker,  but  we’ll  let  that  slide). 

There’s  more  at  tinyurl.com/3241whb.  Feel  free  to  chime  in.  ■ 

This  will  work,  too:  buzz@nww.com. 


34  AUGUST  23,  2010  www.networkworld.com 


leadership  for  the  TPC-C.TPC-H 10TB,  and  SAP  3-Tier  SD  benchmarks  between  June  1 , 2005,  and  June  1 , 201 0.  For  more  information,  see  http://www.tpc.org  and  http://www.sap.com/solutions/ 
lemarks  cf  the  TPC.  IBM,  the  IBM  logo.  ibm.com,  DB2,  Power  Systems,  Smarter  Planet  and  the  planet  icon  are  trademarks  of  International  Business  Machines  tap.,  registered  in  many  jurisdictions 
might  be  tj/ijgnwksof  iBM  of  other  companies.  Acurrent  list  of  IBM  trademarks  is  available  on  the  Web  at  www.ibm.com/legal/copytrade.shtml.©  International  Business  Machines  Corporation  201 0. 


Smarter  technology  for  a  Smarter  Planet: 

It’s  time  to  ask  smarter  questions. 

What  exactly  does  a  benchmark  mean?  For  the  last  five  years,  IBM  DB2®  on  Power  Systems""  has  ranked 
first  on  three  of  the  industry’s  leading  performance  benchmarks,  longer  than  Oracle  and  Microsoft  combined.’ 
But  shouldn’t  we  be  asking  our  IT  to  deliver  more  than  just  raw  performance?  What  really  matters  isn’t  some 
abstract  measure  of  performance,  it’s  what  companies  actually  do  with  it.  For  instance,  Coca-Cola  Bottling 
Company  is  using  DB2  on  Power  to  reduce  licensing,  maintenance  and  storage  fees  by  $350,000.  EuResist 
is  using  an  integrated  analytics  solution  to  predict  the  most  effective  drug  combinations  for  individuals 
with  HIV,  with  78%  accuracy.  And  the  Dubai  Gold  &  Commodities  Exchange  is  working  with  IBM  Security 
Services  to  achieve  system  uptime  of  over  99.9%.  On  a  smarter  planet,  these  are  the  benchmarks  that  matter. 

A  smarter  business  is  built  on  smarter  software,  systems  and  services. 

Let’s  build  a  smarter  planet,  ibm.com/questions 


Coast-to-coast  network. 
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Introducing  CenturyLink™  Business 

Now  you  Gan  get  the  benefits  of  a  top-tier  national  network  without 
giving  up  expert  local  support.  CenturyLink  -  the  result  of  a  merger 
between  CenturyTel  and  EMBARQ  -  brings  you  the  best  of  both  worlds. 
So  you  can  count  on  us  for  the  technology,  resources  and  people  your 
business  needs  to  succeed. 


You're  Stronger  Connected™  with  a  company  that  combines 
end-to-end  connectivity  with  face-to-face  support. 

Learn  more  at  centurylink.com/stronger 
or  call  1-866-345-0814. 
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